Security update for wireshark SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2017:3436-1 Final 1 1 2017-12-27T09:56:18Z current 2017-12-27T09:56:18Z 2017-12-27T09:56:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark This update for wireshark fixes the following issues: - CVE-2017-17083: NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. (bsc#1070727) - CVE-2017-17084: IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length. (bsc#1070727) - CVE-2017-17085: the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length. (bsc#1070727) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-SP2-2017-2153,SUSE-SLE-DESKTOP-12-SP3-2017-2153,SUSE-SLE-RPI-12-SP2-2017-2153,SUSE-SLE-SDK-12-SP2-2017-2153,SUSE-SLE-SDK-12-SP3-2017-2153,SUSE-SLE-SERVER-12-SP2-2017-2153,SUSE-SLE-SERVER-12-SP3-2017-2153 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2017/suse-su-20173436-1/ Link for SUSE-SU-2017:3436-1 https://lists.suse.com/pipermail/sle-security-updates/2017-December/003554.html E-Mail link for SUSE-SU-2017:3436-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1070727 SUSE Bug 1070727 https://www.suse.com/security/cve/CVE-2017-17083/ SUSE CVE CVE-2017-17083 page https://www.suse.com/security/cve/CVE-2017-17084/ SUSE CVE CVE-2017-17084 page https://www.suse.com/security/cve/CVE-2017-17085/ SUSE CVE CVE-2017-17085 page SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 libwireshark8-2.2.11-48.15.3 libwiretap6-2.2.11-48.15.3 libwscodecs1-2.2.11-48.15.3 libwsutil7-2.2.11-48.15.3 wireshark-2.2.11-48.15.3 wireshark-gtk-2.2.11-48.15.3 wireshark-devel-2.2.11-48.15.3 libwireshark8-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 libwiretap6-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 libwscodecs1-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 libwsutil7-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 wireshark-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 wireshark-gtk-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP2 libwireshark8-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libwiretap6-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libwscodecs1-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libwsutil7-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 wireshark-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 wireshark-gtk-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 libwireshark8-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP2 libwiretap6-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP2 libwscodecs1-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP2 libwsutil7-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP2 wireshark-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP2 wireshark-gtk-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP2 libwireshark8-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP3 libwiretap6-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP3 libwscodecs1-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP3 libwsutil7-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP3 wireshark-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP3 wireshark-gtk-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server 12 SP3 libwireshark8-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libwiretap6-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libwscodecs1-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libwsutil7-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 wireshark-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 wireshark-gtk-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 libwireshark8-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libwiretap6-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libwscodecs1-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libwsutil7-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 wireshark-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 wireshark-gtk-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 libwireshark8-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libwiretap6-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libwscodecs1-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libwsutil7-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 wireshark-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 wireshark-gtk-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 wireshark-devel-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 wireshark-devel-2.2.11-48.15.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. CVE-2017-17083 SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Software Development Kit 12 SP2:wireshark-devel-2.2.11-48.15.3 SUSE Linux Enterprise Software Development Kit 12 SP3:wireshark-devel-2.2.11-48.15.3 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20173436-1/ https://www.suse.com/security/cve/CVE-2017-17083.html CVE-2017-17083 https://bugzilla.suse.com/1070727 SUSE Bug 1070727 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length. CVE-2017-17084 SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Software Development Kit 12 SP2:wireshark-devel-2.2.11-48.15.3 SUSE Linux Enterprise Software Development Kit 12 SP3:wireshark-devel-2.2.11-48.15.3 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20173436-1/ https://www.suse.com/security/cve/CVE-2017-17084.html CVE-2017-17084 https://bugzilla.suse.com/1070727 SUSE Bug 1070727 In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length. CVE-2017-17085 SUSE Linux Enterprise Desktop 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Desktop 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP2:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwireshark8-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwiretap6-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwscodecs1-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libwsutil7-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:wireshark-2.2.11-48.15.3 SUSE Linux Enterprise Server for SAP Applications 12 SP3:wireshark-gtk-2.2.11-48.15.3 SUSE Linux Enterprise Software Development Kit 12 SP2:wireshark-devel-2.2.11-48.15.3 SUSE Linux Enterprise Software Development Kit 12 SP3:wireshark-devel-2.2.11-48.15.3 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20173436-1/ https://www.suse.com/security/cve/CVE-2017-17085.html CVE-2017-17085 https://bugzilla.suse.com/1070727 SUSE Bug 1070727