Security update for wireshark SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1046-1 Final 1 1 2015-06-03T10:45:46Z current 2015-06-03T10:45:46Z 2015-06-03T10:45:46Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark Wireshark was updated to 1.10.14 to fix four security issues. The following vulnerabilities have been fixed: * CVE-2015-3811: The WCP dissector could crash while decompressing data. (wnpa-sec-2015-14) * CVE-2015-3812: The X11 dissector could leak memory. (wnpa-sec-2015-15) * CVE-2015-3813: The packet reassembly code could leak memory. (wnpa-sec-2015-16) * CVE-2015-3814: The IEEE 802.11 dissector could go into an infinite loop. (wnpa-sec-2015-17) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-2015-266,SUSE-SLE-SDK-12-2015-266,SUSE-SLE-SERVER-12-2015-266 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151046-1/ Link for SUSE-SU-2015:1046-1 https://lists.suse.com/pipermail/sle-security-updates/2015-June/001437.html E-Mail link for SUSE-SU-2015:1046-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/930689 SUSE Bug 930689 https://bugzilla.suse.com/930691 SUSE Bug 930691 https://www.suse.com/security/cve/CVE-2015-3811/ SUSE CVE CVE-2015-3811 page https://www.suse.com/security/cve/CVE-2015-3812/ SUSE CVE CVE-2015-3812 page https://www.suse.com/security/cve/CVE-2015-3813/ SUSE CVE CVE-2015-3813 page https://www.suse.com/security/cve/CVE-2015-3814/ SUSE CVE CVE-2015-3814 page SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Software Development Kit 12 wireshark-1.10.14-12.1 wireshark-devel-1.10.14-12.1 wireshark-1.10.14-12.1 as a component of SUSE Linux Enterprise Desktop 12 wireshark-1.10.14-12.1 as a component of SUSE Linux Enterprise Server 12 wireshark-1.10.14-12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 wireshark-devel-1.10.14-12.1 as a component of SUSE Linux Enterprise Software Development Kit 12 epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. CVE-2015-3811 SUSE Linux Enterprise Desktop 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Server 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.14-12.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151046-1/ https://www.suse.com/security/cve/CVE-2015-3811.html CVE-2015-3811 https://bugzilla.suse.com/930689 SUSE Bug 930689 https://bugzilla.suse.com/930691 SUSE Bug 930691 Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. CVE-2015-3812 SUSE Linux Enterprise Desktop 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Server 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.14-12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151046-1/ https://www.suse.com/security/cve/CVE-2015-3812.html CVE-2015-3812 https://bugzilla.suse.com/930689 SUSE Bug 930689 https://bugzilla.suse.com/930691 SUSE Bug 930691 The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet. CVE-2015-3813 SUSE Linux Enterprise Desktop 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Server 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.14-12.1 moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151046-1/ https://www.suse.com/security/cve/CVE-2015-3813.html CVE-2015-3813 https://bugzilla.suse.com/930689 SUSE Bug 930689 The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. CVE-2015-3814 SUSE Linux Enterprise Desktop 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Server 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.14-12.1 SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.14-12.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151046-1/ https://www.suse.com/security/cve/CVE-2015-3814.html CVE-2015-3814 https://bugzilla.suse.com/930689 SUSE Bug 930689 https://bugzilla.suse.com/930691 SUSE Bug 930691