Security update for wireshark SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1534-1 Final 1 1 2017-06-12T06:35:27Z current 2017-06-12T06:35:27Z 2017-06-12T06:35:27Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark This update for wireshark fixes minor vulnerabilities that could be used to trigger dissector crashes, infinite loops, or cause excessive use of CPU resources by making Wireshark read specially crafted packages from the network or a capture file: - CVE-2017-9352: Bazaar dissector infinite loop (boo#1042304) - CVE-2017-9348: DOF dissector read overflow (boo#1042303) - CVE-2017-9351: DHCP dissector read overflow (boo#1042302) - CVE-2017-9346: SoulSeek dissector infinite loop (boo#1042301) - CVE-2017-9345: DNS dissector infinite loop (boo#1042300) - CVE-2017-9349: DICOM dissector infinite loop (boo#1042305) - CVE-2017-9350: openSAFETY dissector memory exhaustion (boo#1042299) - CVE-2017-9344: BT L2CAP dissector divide by zero (boo#1042298) - CVE-2017-9343: MSNIP dissector crash (boo#1042309) - CVE-2017-9347: ROS dissector crash (boo#1042308) - CVE-2017-9354: RGMP dissector crash (boo#1042307) - CVE-2017-9353: IPv6 dissector crash (boo#1042306) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html E-Mail link for openSUSE-SU-2017:1534-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 wireshark-2.2.7-14.6.1 wireshark-devel-2.2.7-14.6.1 wireshark-ui-gtk-2.2.7-14.6.1 wireshark-ui-qt-2.2.7-14.6.1 wireshark-2.2.7-14.6.1 as a component of openSUSE Leap 42.2 wireshark-devel-2.2.7-14.6.1 as a component of openSUSE Leap 42.2 wireshark-ui-gtk-2.2.7-14.6.1 as a component of openSUSE Leap 42.2 wireshark-ui-qt-2.2.7-14.6.1 as a component of openSUSE Leap 42.2 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address. CVE-2017-9343 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9343.html CVE-2017-9343 https://bugzilla.suse.com/1042309 SUSE Bug 1042309 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331 https://bugzilla.suse.com/1077080 SUSE Bug 1077080 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value. CVE-2017-9344 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9344.html CVE-2017-9344 https://bugzilla.suse.com/1042298 SUSE Bug 1042298 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers. CVE-2017-9345 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9345.html CVE-2017-9345 https://bugzilla.suse.com/1042300 SUSE Bug 1042300 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit. CVE-2017-9346 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9346.html CVE-2017-9346 https://bugzilla.suse.com/1042301 SUSE Bug 1042301 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331 In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID. CVE-2017-9347 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9347.html CVE-2017-9347 https://bugzilla.suse.com/1042308 SUSE Bug 1042308 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value. CVE-2017-9348 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9348.html CVE-2017-9348 https://bugzilla.suse.com/1042303 SUSE Bug 1042303 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value. CVE-2017-9349 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9349.html CVE-2017-9349 https://bugzilla.suse.com/1042305 SUSE Bug 1042305 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length. CVE-2017-9350 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9350.html CVE-2017-9350 https://bugzilla.suse.com/1042299 SUSE Bug 1042299 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331 https://bugzilla.suse.com/1049255 SUSE Bug 1049255 https://bugzilla.suse.com/1049621 SUSE Bug 1049621 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully. CVE-2017-9351 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9351.html CVE-2017-9351 https://bugzilla.suse.com/1042302 SUSE Bug 1042302 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur. CVE-2017-9352 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 5.4 AV:N/AC:H/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9352.html CVE-2017-9352 https://bugzilla.suse.com/1042304 SUSE Bug 1042304 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331 In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address. CVE-2017-9353 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9353.html CVE-2017-9353 https://bugzilla.suse.com/1042306 SUSE Bug 1042306 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address. CVE-2017-9354 openSUSE Leap 42.2:wireshark-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-devel-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.7-14.6.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.7-14.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-06/msg00033.html https://www.suse.com/security/cve/CVE-2017-9354.html CVE-2017-9354 https://bugzilla.suse.com/1042307 SUSE Bug 1042307 https://bugzilla.suse.com/1042324 SUSE Bug 1042324 https://bugzilla.suse.com/1042330 SUSE Bug 1042330 https://bugzilla.suse.com/1042331 SUSE Bug 1042331