Security update for wireshark SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:1988-1 Final 1 1 2018-07-19T07:32:17Z current 2018-07-19T07:32:17Z 2018-07-19T07:32:17Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark This update for wireshark fixes vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files (bsc#1094301). This includes: - CVE-2018-11356: DNS dissector crash - CVE-2018-11357: Multiple dissectors could consume excessive memory - CVE-2018-11358: Q.931 dissector crash - CVE-2018-11359: The RRC dissector and other dissectors could crash - CVE-2018-11360: GSM A DTAP dissector crash - CVE-2018-11362: LDSS dissector crash The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Module-Basesystem-15-2018-1348,SUSE-SLE-Module-Desktop-Applications-15-2018-1348 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20181988-1/ Link for SUSE-SU-2018:1988-1 https://lists.suse.com/pipermail/sle-security-updates/2018-July/004282.html E-Mail link for SUSE-SU-2018:1988-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1094301 SUSE Bug 1094301 https://www.suse.com/security/cve/CVE-2018-11356/ SUSE CVE CVE-2018-11356 page https://www.suse.com/security/cve/CVE-2018-11357/ SUSE CVE CVE-2018-11357 page https://www.suse.com/security/cve/CVE-2018-11358/ SUSE CVE CVE-2018-11358 page https://www.suse.com/security/cve/CVE-2018-11359/ SUSE CVE CVE-2018-11359 page https://www.suse.com/security/cve/CVE-2018-11360/ SUSE CVE CVE-2018-11360 page https://www.suse.com/security/cve/CVE-2018-11362/ SUSE CVE CVE-2018-11362 page SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Desktop Applications 15 libwireshark9-2.4.7-3.3.4 libwiretap7-2.4.7-3.3.4 libwscodecs1-2.4.7-3.3.4 libwsutil8-2.4.7-3.3.4 wireshark-2.4.7-3.3.4 wireshark-devel-2.4.7-3.3.4 wireshark-ui-qt-2.4.7-3.3.4 libwireshark9-2.4.7-3.3.4 as a component of SUSE Linux Enterprise Module for Basesystem 15 libwiretap7-2.4.7-3.3.4 as a component of SUSE Linux Enterprise Module for Basesystem 15 libwscodecs1-2.4.7-3.3.4 as a component of SUSE Linux Enterprise Module for Basesystem 15 libwsutil8-2.4.7-3.3.4 as a component of SUSE Linux Enterprise Module for Basesystem 15 wireshark-2.4.7-3.3.4 as a component of SUSE Linux Enterprise Module for Basesystem 15 wireshark-devel-2.4.7-3.3.4 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 wireshark-ui-qt-2.4.7-3.3.4 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record. CVE-2018-11356 SUSE Linux Enterprise Module for Basesystem 15:libwireshark9-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwiretap7-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwscodecs1-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwsutil8-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:wireshark-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-devel-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-ui-qt-2.4.7-3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181988-1/ https://www.suse.com/security/cve/CVE-2018-11356.html CVE-2018-11356 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths. CVE-2018-11357 SUSE Linux Enterprise Module for Basesystem 15:libwireshark9-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwiretap7-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwscodecs1-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwsutil8-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:wireshark-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-devel-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-ui-qt-2.4.7-3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181988-1/ https://www.suse.com/security/cve/CVE-2018-11357.html CVE-2018-11357 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup. CVE-2018-11358 SUSE Linux Enterprise Module for Basesystem 15:libwireshark9-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwiretap7-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwscodecs1-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwsutil8-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:wireshark-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-devel-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-ui-qt-2.4.7-3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181988-1/ https://www.suse.com/security/cve/CVE-2018-11358.html CVE-2018-11358 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. CVE-2018-11359 SUSE Linux Enterprise Module for Basesystem 15:libwireshark9-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwiretap7-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwscodecs1-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwsutil8-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:wireshark-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-devel-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-ui-qt-2.4.7-3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181988-1/ https://www.suse.com/security/cve/CVE-2018-11359.html CVE-2018-11359 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow. CVE-2018-11360 SUSE Linux Enterprise Module for Basesystem 15:libwireshark9-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwiretap7-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwscodecs1-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwsutil8-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:wireshark-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-devel-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-ui-qt-2.4.7-3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181988-1/ https://www.suse.com/security/cve/CVE-2018-11360.html CVE-2018-11360 https://bugzilla.suse.com/1094301 SUSE Bug 1094301 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character. CVE-2018-11362 SUSE Linux Enterprise Module for Basesystem 15:libwireshark9-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwiretap7-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwscodecs1-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:libwsutil8-2.4.7-3.3.4 SUSE Linux Enterprise Module for Basesystem 15:wireshark-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-devel-2.4.7-3.3.4 SUSE Linux Enterprise Module for Desktop Applications 15:wireshark-ui-qt-2.4.7-3.3.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181988-1/ https://www.suse.com/security/cve/CVE-2018-11362.html CVE-2018-11362 https://bugzilla.suse.com/1094301 SUSE Bug 1094301