Security update for wireshark SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:1428-1 Final 1 1 2018-05-25T16:47:26Z current 2018-05-25T16:47:26Z 2018-05-25T16:47:26Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark This update for wireshark fixes the following issues: Minor vulnerabilities that could be used to trigger dissector crashes or cause excessive memory use by making Wireshark read specially crafted packages from the network or capture files (boo#1094301): - CVE-2018-11356: DNS dissector crash - CVE-2018-11357: Multiple dissectors could consume excessive memory - CVE-2018-11358: Q.931 dissector crash - CVE-2018-11359: The RRC dissector and other dissectors could crash - CVE-2018-11360: GSM A DTAP dissector crash - CVE-2018-11362: LDSS dissector crash This update to version 2.4.7 also contains bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.7.html The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00104.html E-Mail link for openSUSE-SU-2018:1428-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 15.0 openSUSE Leap 42.3 libwireshark9-2.4.7-lp150.2.3.1 libwiretap7-2.4.7-lp150.2.3.1 libwscodecs1-2.4.7-lp150.2.3.1 libwsutil8-2.4.7-lp150.2.3.1 wireshark-2.4.7-lp150.2.3.1 wireshark-devel-2.4.7-lp150.2.3.1 wireshark-ui-gtk-2.2.15-41.1 wireshark-ui-qt-2.4.7-lp150.2.3.1 libwireshark9-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 15.0 libwireshark9-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 42.3 libwiretap7-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 15.0 libwiretap7-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 42.3 libwscodecs1-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 15.0 libwscodecs1-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 42.3 libwsutil8-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 15.0 libwsutil8-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 42.3 wireshark-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 15.0 wireshark-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 42.3 wireshark-devel-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 15.0 wireshark-devel-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 42.3 wireshark-ui-gtk-2.2.15-41.1 as a component of openSUSE Leap 15.0 wireshark-ui-gtk-2.2.15-41.1 as a component of openSUSE Leap 42.3 wireshark-ui-qt-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 15.0 wireshark-ui-qt-2.4.7-lp150.2.3.1 as a component of openSUSE Leap 42.3 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record. CVE-2018-11356 openSUSE Leap 15.0:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 15.0:wireshark-ui-qt-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 42.3:wireshark-ui-qt-2.4.7-lp150.2.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00104.html https://www.suse.com/security/cve/CVE-2018-11356.html CVE-2018-11356 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. CVE-2018-11357 openSUSE Leap 15.0:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 15.0:wireshark-ui-qt-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 42.3:wireshark-ui-qt-2.4.7-lp150.2.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00104.html https://www.suse.com/security/cve/CVE-2018-11357.html CVE-2018-11357 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup. CVE-2018-11358 openSUSE Leap 15.0:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 15.0:wireshark-ui-qt-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 42.3:wireshark-ui-qt-2.4.7-lp150.2.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00104.html https://www.suse.com/security/cve/CVE-2018-11358.html CVE-2018-11358 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. CVE-2018-11359 openSUSE Leap 15.0:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 15.0:wireshark-ui-qt-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 42.3:wireshark-ui-qt-2.4.7-lp150.2.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00104.html https://www.suse.com/security/cve/CVE-2018-11359.html CVE-2018-11359 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow. CVE-2018-11360 openSUSE Leap 15.0:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 15.0:wireshark-ui-qt-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 42.3:wireshark-ui-qt-2.4.7-lp150.2.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00104.html https://www.suse.com/security/cve/CVE-2018-11360.html CVE-2018-11360 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. CVE-2018-11362 openSUSE Leap 15.0:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 15.0:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 15.0:wireshark-ui-qt-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwireshark9-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwiretap7-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwscodecs1-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:libwsutil8-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-devel-2.4.7-lp150.2.3.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.15-41.1 openSUSE Leap 42.3:wireshark-ui-qt-2.4.7-lp150.2.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00104.html https://www.suse.com/security/cve/CVE-2018-11362.html CVE-2018-11362 https://bugzilla.suse.com/1094301 SUSE Bug 1094301