Security update for Wireshark SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:0936-1 Final 1 1 2015-05-15T19:13:58Z current 2015-05-15T19:13:58Z 2015-05-15T19:13:58Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Wireshark Wireshark was updated to 1.12.5 to fix security issues and bugs. The following vulnerabilities have been fixed: * CVE-2015-3808, CVE-2015-3809: The LBMR dissector could go into an infinite loop. (wnpa-sec-2015-12) * CVE-2015-3810: The WebSocket dissector could recurse excessively. (wnpa-sec-2015-13) * CVE-2015-3811: The WCP dissector could crash while decompressing data. (wnpa-sec-2015-14) * CVE-2015-3812: The X11 dissector could leak memory. (wnpa-sec-2015-15) * CVE-2015-3813: The packet reassembly code could leak memory. (wnpa-sec-2015-16) * CVE-2015-3814: The IEEE 802.11 dissector could go into an infinite loop. (wnpa-sec-2015-17) * CVE-2015-3815: The Android Logcat file parser could crash. (wnpa-sec-2015-18) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html E-Mail link for openSUSE-SU-2015:0936-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE 13.2 wireshark-1.12.5-15.1 wireshark-debuginfo-1.12.5-15.1 wireshark-debugsource-1.12.5-15.1 wireshark-devel-1.12.5-15.1 wireshark-ui-gtk-1.12.5-15.1 wireshark-ui-gtk-debuginfo-1.12.5-15.1 wireshark-ui-qt-1.12.5-15.1 wireshark-ui-qt-debuginfo-1.12.5-15.1 wireshark-1.12.5-15.1 as a component of openSUSE 13.2 wireshark-debuginfo-1.12.5-15.1 as a component of openSUSE 13.2 wireshark-debugsource-1.12.5-15.1 as a component of openSUSE 13.2 wireshark-devel-1.12.5-15.1 as a component of openSUSE 13.2 wireshark-ui-gtk-1.12.5-15.1 as a component of openSUSE 13.2 wireshark-ui-gtk-debuginfo-1.12.5-15.1 as a component of openSUSE 13.2 wireshark-ui-qt-1.12.5-15.1 as a component of openSUSE 13.2 wireshark-ui-qt-debuginfo-1.12.5-15.1 as a component of openSUSE 13.2 The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. CVE-2015-3808 openSUSE 13.2:wireshark-1.12.5-15.1 openSUSE 13.2:wireshark-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-debugsource-1.12.5-15.1 openSUSE 13.2:wireshark-devel-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-debuginfo-1.12.5-15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html https://www.suse.com/security/cve/CVE-2015-3808.html CVE-2015-3808 https://bugzilla.suse.com/930689 SUSE Bug 930689 The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. CVE-2015-3809 openSUSE 13.2:wireshark-1.12.5-15.1 openSUSE 13.2:wireshark-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-debugsource-1.12.5-15.1 openSUSE 13.2:wireshark-devel-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-debuginfo-1.12.5-15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html https://www.suse.com/security/cve/CVE-2015-3809.html CVE-2015-3809 https://bugzilla.suse.com/930689 SUSE Bug 930689 epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet. CVE-2015-3810 openSUSE 13.2:wireshark-1.12.5-15.1 openSUSE 13.2:wireshark-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-debugsource-1.12.5-15.1 openSUSE 13.2:wireshark-devel-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-debuginfo-1.12.5-15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html https://www.suse.com/security/cve/CVE-2015-3810.html CVE-2015-3810 https://bugzilla.suse.com/930689 SUSE Bug 930689 epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. CVE-2015-3811 openSUSE 13.2:wireshark-1.12.5-15.1 openSUSE 13.2:wireshark-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-debugsource-1.12.5-15.1 openSUSE 13.2:wireshark-devel-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-debuginfo-1.12.5-15.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html https://www.suse.com/security/cve/CVE-2015-3811.html CVE-2015-3811 https://bugzilla.suse.com/930689 SUSE Bug 930689 https://bugzilla.suse.com/930691 SUSE Bug 930691 Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. CVE-2015-3812 openSUSE 13.2:wireshark-1.12.5-15.1 openSUSE 13.2:wireshark-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-debugsource-1.12.5-15.1 openSUSE 13.2:wireshark-devel-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-debuginfo-1.12.5-15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html https://www.suse.com/security/cve/CVE-2015-3812.html CVE-2015-3812 https://bugzilla.suse.com/930689 SUSE Bug 930689 https://bugzilla.suse.com/930691 SUSE Bug 930691 The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet. CVE-2015-3813 openSUSE 13.2:wireshark-1.12.5-15.1 openSUSE 13.2:wireshark-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-debugsource-1.12.5-15.1 openSUSE 13.2:wireshark-devel-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-debuginfo-1.12.5-15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html https://www.suse.com/security/cve/CVE-2015-3813.html CVE-2015-3813 https://bugzilla.suse.com/930689 SUSE Bug 930689 The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. CVE-2015-3814 openSUSE 13.2:wireshark-1.12.5-15.1 openSUSE 13.2:wireshark-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-debugsource-1.12.5-15.1 openSUSE 13.2:wireshark-devel-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-debuginfo-1.12.5-15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html https://www.suse.com/security/cve/CVE-2015-3814.html CVE-2015-3814 https://bugzilla.suse.com/930689 SUSE Bug 930689 https://bugzilla.suse.com/930691 SUSE Bug 930691 The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906. CVE-2015-3815 openSUSE 13.2:wireshark-1.12.5-15.1 openSUSE 13.2:wireshark-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-debugsource-1.12.5-15.1 openSUSE 13.2:wireshark-devel-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-1.12.5-15.1 openSUSE 13.2:wireshark-ui-gtk-debuginfo-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-1.12.5-15.1 openSUSE 13.2:wireshark-ui-qt-debuginfo-1.12.5-15.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-updates/2015-05/msg00038.html https://www.suse.com/security/cve/CVE-2015-3815.html CVE-2015-3815 https://bugzilla.suse.com/930689 SUSE Bug 930689