Security update for wireshark SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:2923-1 Final 1 1 2016-11-18T13:13:00Z current 2016-11-18T13:13:00Z 2016-11-18T13:13:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark This update to wireshark 2.2.2 fixes the following issues: - CVE-2016-9372: Profinet I/O long loop (boo#1010807) - CVE-2016-9374: AllJoyn crash (boo#1010752) - CVE-2016-9376: OpenFlow crash (boo#1010735) - CVE-2016-9373: DCERPC crash (boo#1010754) - CVE-2016-9375: DTN infinite loop (boo#1010740) This update also contains urther bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-11/msg00116.html E-Mail link for openSUSE-SU-2016:2923-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 wireshark-2.2.2-3.1 wireshark-devel-2.2.2-3.1 wireshark-ui-gtk-2.2.2-3.1 wireshark-ui-qt-2.2.2-3.1 wireshark-2.2.2-3.1 as a component of openSUSE Leap 42.2 wireshark-devel-2.2.2-3.1 as a component of openSUSE Leap 42.2 wireshark-ui-gtk-2.2.2-3.1 as a component of openSUSE Leap 42.2 wireshark-ui-qt-2.2.2-3.1 as a component of openSUSE Leap 42.2 In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects. CVE-2016-9372 openSUSE Leap 42.2:wireshark-2.2.2-3.1 openSUSE Leap 42.2:wireshark-devel-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.2-3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-11/msg00116.html https://www.suse.com/security/cve/CVE-2016-9372.html CVE-2016-9372 https://bugzilla.suse.com/1010807 SUSE Bug 1010807 In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings. CVE-2016-9373 openSUSE Leap 42.2:wireshark-2.2.2-3.1 openSUSE Leap 42.2:wireshark-devel-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.2-3.1 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-11/msg00116.html https://www.suse.com/security/cve/CVE-2016-9373.html CVE-2016-9373 https://bugzilla.suse.com/1010754 SUSE Bug 1010754 https://bugzilla.suse.com/1010911 SUSE Bug 1010911 In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable. CVE-2016-9374 openSUSE Leap 42.2:wireshark-2.2.2-3.1 openSUSE Leap 42.2:wireshark-devel-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.2-3.1 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-11/msg00116.html https://www.suse.com/security/cve/CVE-2016-9374.html CVE-2016-9374 https://bugzilla.suse.com/1010752 SUSE Bug 1010752 https://bugzilla.suse.com/1010911 SUSE Bug 1010911 In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful. CVE-2016-9375 openSUSE Leap 42.2:wireshark-2.2.2-3.1 openSUSE Leap 42.2:wireshark-devel-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.2-3.1 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-11/msg00116.html https://www.suse.com/security/cve/CVE-2016-9375.html CVE-2016-9375 https://bugzilla.suse.com/1010740 SUSE Bug 1010740 https://bugzilla.suse.com/1010911 SUSE Bug 1010911 In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large. CVE-2016-9376 openSUSE Leap 42.2:wireshark-2.2.2-3.1 openSUSE Leap 42.2:wireshark-devel-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.2-3.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.2-3.1 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-11/msg00116.html https://www.suse.com/security/cve/CVE-2016-9376.html CVE-2016-9376 https://bugzilla.suse.com/1010735 SUSE Bug 1010735 https://bugzilla.suse.com/1010911 SUSE Bug 1010911