Security update for wireshark SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:2349-1 Final 1 1 2017-09-04T20:10:39Z current 2017-09-04T20:10:39Z 2017-09-04T20:10:39Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark This update for wireshark to version 2.2.9 fixes the following issues: Minor vulnerabilities that could be used to trigger dissector crashes, infinite loops, or cause excessive use of memory resources by making Wireshark read specially crafted packages from the network or a capture file: * CVE-2017-13767: MSDP dissector infinite loop (boo#1056248) * CVE-2017-13766: Profinet I/O buffer overrun (boo#1056249) * CVE-2017-13765: IrCOMM dissector buffer overrun (boo#1056251) * Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.2.9.html The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-09/msg00008.html E-Mail link for openSUSE-SU-2017:2349-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 wireshark-2.2.9-21.1 wireshark-devel-2.2.9-21.1 wireshark-ui-gtk-2.2.9-21.1 wireshark-ui-qt-2.2.9-21.1 wireshark-2.2.9-21.1 as a component of openSUSE Leap 42.2 wireshark-devel-2.2.9-21.1 as a component of openSUSE Leap 42.2 wireshark-ui-gtk-2.2.9-21.1 as a component of openSUSE Leap 42.2 wireshark-ui-qt-2.2.9-21.1 as a component of openSUSE Leap 42.2 wireshark-2.2.9-21.1 as a component of openSUSE Leap 42.3 wireshark-devel-2.2.9-21.1 as a component of openSUSE Leap 42.3 wireshark-ui-gtk-2.2.9-21.1 as a component of openSUSE Leap 42.3 wireshark-ui-qt-2.2.9-21.1 as a component of openSUSE Leap 42.3 In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation. CVE-2017-13765 openSUSE Leap 42.2:wireshark-2.2.9-21.1 openSUSE Leap 42.2:wireshark-devel-2.2.9-21.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.9-21.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.9-21.1 openSUSE Leap 42.3:wireshark-2.2.9-21.1 openSUSE Leap 42.3:wireshark-devel-2.2.9-21.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.9-21.1 openSUSE Leap 42.3:wireshark-ui-qt-2.2.9-21.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-09/msg00008.html https://www.suse.com/security/cve/CVE-2017-13765.html CVE-2017-13765 https://bugzilla.suse.com/1056251 SUSE Bug 1056251 In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation. CVE-2017-13766 openSUSE Leap 42.2:wireshark-2.2.9-21.1 openSUSE Leap 42.2:wireshark-devel-2.2.9-21.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.9-21.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.9-21.1 openSUSE Leap 42.3:wireshark-2.2.9-21.1 openSUSE Leap 42.3:wireshark-devel-2.2.9-21.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.9-21.1 openSUSE Leap 42.3:wireshark-ui-qt-2.2.9-21.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-09/msg00008.html https://www.suse.com/security/cve/CVE-2017-13766.html CVE-2017-13766 https://bugzilla.suse.com/1056249 SUSE Bug 1056249 In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation. CVE-2017-13767 openSUSE Leap 42.2:wireshark-2.2.9-21.1 openSUSE Leap 42.2:wireshark-devel-2.2.9-21.1 openSUSE Leap 42.2:wireshark-ui-gtk-2.2.9-21.1 openSUSE Leap 42.2:wireshark-ui-qt-2.2.9-21.1 openSUSE Leap 42.3:wireshark-2.2.9-21.1 openSUSE Leap 42.3:wireshark-devel-2.2.9-21.1 openSUSE Leap 42.3:wireshark-ui-gtk-2.2.9-21.1 openSUSE Leap 42.3:wireshark-ui-qt-2.2.9-21.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-09/msg00008.html https://www.suse.com/security/cve/CVE-2017-13767.html CVE-2017-13767 https://bugzilla.suse.com/1056248 SUSE Bug 1056248