Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-25866
Vulnerability from cvelistv5
Published
2020-10-06 14:42
Modified
2024-08-04 15:49
Severity ?
EPSS score ?
0.94%
(0.75173)
Summary
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:49:06.032Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16866", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", }, { name: "FEDORA-2020-1b390bec14", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/", }, { name: "FEDORA-2020-1bf4b97c16", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/", }, { name: "FEDORA-2020-9bda6ae1cd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/", }, { name: "openSUSE-SU-2020:1878", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html", }, { name: "openSUSE-SU-2020:1882", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-20T14:42:09", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { tags: [ "x_refsource_MISC", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16866", }, { tags: [ "x_refsource_MISC", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", }, { name: "FEDORA-2020-1b390bec14", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/", }, { name: "FEDORA-2020-1bf4b97c16", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/", }, { name: "FEDORA-2020-9bda6ae1cd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/", }, { name: "openSUSE-SU-2020:1878", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html", }, { name: "openSUSE-SU-2020:1882", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-25866", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", refsource: "MISC", url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { name: "https://gitlab.com/wireshark/wireshark/-/issues/16866", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/issues/16866", }, { name: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", }, { name: "FEDORA-2020-1b390bec14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/", }, { name: "FEDORA-2020-1bf4b97c16", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/", }, { name: "FEDORA-2020-9bda6ae1cd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/", }, { name: "openSUSE-SU-2020:1878", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html", }, { name: "openSUSE-SU-2020:1882", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-25866", datePublished: "2020-10-06T14:42:38", dateReserved: "2020-09-24T00:00:00", dateUpdated: "2024-08-04T15:49:06.032Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2020-25866\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-10-06T15:15:15.413\",\"lastModified\":\"2024-11-21T05:18:56.190\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.\"},{\"lang\":\"es\",\"value\":\"En Wireshark versiones 3.2.0 hasta 3.2.6 y versiones 3.0.0 hasta 3.0.13, el disector del protocolo BLIP presenta una desreferencia del puntero NULL porque un búfer fue dimensionado para mensajes comprimidos (no sin comprimir). Esto fue abordado en el archivo epan/disactors/packet-blip.c permitiendo relaciones de compresión razonables y rechazando las bombas ZIP\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndIncluding\":\"3.0.13\",\"matchCriteriaId\":\"5E678E30-FA30-4FEB-9D9E-60E978996580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.2.0\",\"versionEndIncluding\":\"3.2.6\",\"matchCriteriaId\":\"87F3630C-7EC8-4B57-B6A5-13789A54468A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/issues/16866\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.wireshark.org/security/wnpa-sec-2020-13.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/issues/16866\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.wireshark.org/security/wnpa-sec-2020-13.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", }, }
wid-sec-w-2023-1917
Vulnerability from csaf_certbund
Published
2020-09-23 22:00
Modified
2023-07-30 22:00
Summary
Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Wireshark (früher Ethereal) ist eine Software zum Mitschneiden von Netzwerkverkehr und zur Analyse von Netzwerkprotokollen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Wireshark ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Wireshark (früher Ethereal) ist eine Software zum Mitschneiden von Netzwerkverkehr und zur Analyse von Netzwerkprotokollen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Wireshark ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1917 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-1917.json", }, { category: "self", summary: "WID-SEC-2023-1917 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1917", }, { category: "external", summary: "Ubuntu Security Notice USN-6262-1 vom 2023-07-31", url: "https://ubuntu.com/security/notices/USN-6262-1", }, { category: "external", summary: "Wireshark Security Advisory vom 2020-09-23", url: "https://www.wireshark.org/security/wnpa-sec-2020-11.html", }, { category: "external", summary: "Wireshark Security Advisory vom 2020-09-23", url: "https://www.wireshark.org/security/wnpa-sec-2020-12.html", }, { category: "external", summary: "Wireshark Security Advisory vom 2020-09-23", url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2020-1B390BEC14 vom 2020-10-09", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2020-1b390bec14", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3166-1 vom 2020-11-05", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007700.html", }, { category: "external", summary: "Debian Security Advisory DLA-2547 vom 2021-02-06", url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, ], source_lang: "en-US", title: "Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2023-07-30T22:00:00.000+00:00", generator: { date: "2024-08-15T17:56:19.589+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1917", initial_release_date: "2020-09-23T22:00:00.000+00:00", revision_history: [ { date: "2020-09-23T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2020-10-11T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2020-11-05T23:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-02-07T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Debian aufgenommen", }, { date: "2023-07-30T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "5", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_name", name: "Open Source Wireshark < 3.2.7", product: { name: "Open Source Wireshark < 3.2.7", product_id: "T017337", product_identification_helper: { cpe: "cpe:/a:wireshark:wireshark:3.2.7", }, }, }, { category: "product_name", name: "Open Source Wireshark < 3.0.14", product: { name: "Open Source Wireshark < 3.0.14", product_id: "T017338", product_identification_helper: { cpe: "cpe:/a:wireshark:wireshark:3.0.14", }, }, }, { category: "product_name", name: "Open Source Wireshark < 2.6.20", product: { name: "Open Source Wireshark < 2.6.20", product_id: "T017339", product_identification_helper: { cpe: "cpe:/a:wireshark:wireshark:2.6.20", }, }, }, ], category: "product_name", name: "Wireshark", }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25862", notes: [ { category: "description", text: "In Wireshark bestehen mehrere Schwachstellen aufgrund von Fehlern in den folgenden Komponenten: MIME Multipart Dissector, TCP Dissector und BLIP Dissector. Ein entfernter anonymer Angreifer kann dies ausnutzen, um einen Denial-of-Service Zustand herbeizuführen. Für eine erfolgreiche Ausnutzung muss der Angreifer einen Benutzer davon überzeugen, eine bösartig gestaltete Paketverfolgungsdatei zu öffnen, oder er muss bösartige Pakete in das Netzwerk des Opfers injizieren.", }, ], product_status: { known_affected: [ "2951", "T002207", "T000126", ], }, release_date: "2020-09-23T22:00:00.000+00:00", title: "CVE-2020-25862", }, { cve: "CVE-2020-25863", notes: [ { category: "description", text: "In Wireshark bestehen mehrere Schwachstellen aufgrund von Fehlern in den folgenden Komponenten: MIME Multipart Dissector, TCP Dissector und BLIP Dissector. Ein entfernter anonymer Angreifer kann dies ausnutzen, um einen Denial-of-Service Zustand herbeizuführen. Für eine erfolgreiche Ausnutzung muss der Angreifer einen Benutzer davon überzeugen, eine bösartig gestaltete Paketverfolgungsdatei zu öffnen, oder er muss bösartige Pakete in das Netzwerk des Opfers injizieren.", }, ], product_status: { known_affected: [ "2951", "T002207", "T000126", ], }, release_date: "2020-09-23T22:00:00.000+00:00", title: "CVE-2020-25863", }, { cve: "CVE-2020-25866", notes: [ { category: "description", text: "In Wireshark bestehen mehrere Schwachstellen aufgrund von Fehlern in den folgenden Komponenten: MIME Multipart Dissector, TCP Dissector und BLIP Dissector. Ein entfernter anonymer Angreifer kann dies ausnutzen, um einen Denial-of-Service Zustand herbeizuführen. Für eine erfolgreiche Ausnutzung muss der Angreifer einen Benutzer davon überzeugen, eine bösartig gestaltete Paketverfolgungsdatei zu öffnen, oder er muss bösartige Pakete in das Netzwerk des Opfers injizieren.", }, ], product_status: { known_affected: [ "2951", "T002207", "T000126", ], }, release_date: "2020-09-23T22:00:00.000+00:00", title: "CVE-2020-25866", }, ], }
WID-SEC-W-2023-1917
Vulnerability from csaf_certbund
Published
2020-09-23 22:00
Modified
2023-07-30 22:00
Summary
Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Wireshark (früher Ethereal) ist eine Software zum Mitschneiden von Netzwerkverkehr und zur Analyse von Netzwerkprotokollen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Wireshark ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Wireshark (früher Ethereal) ist eine Software zum Mitschneiden von Netzwerkverkehr und zur Analyse von Netzwerkprotokollen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Wireshark ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1917 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-1917.json", }, { category: "self", summary: "WID-SEC-2023-1917 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1917", }, { category: "external", summary: "Ubuntu Security Notice USN-6262-1 vom 2023-07-31", url: "https://ubuntu.com/security/notices/USN-6262-1", }, { category: "external", summary: "Wireshark Security Advisory vom 2020-09-23", url: "https://www.wireshark.org/security/wnpa-sec-2020-11.html", }, { category: "external", summary: "Wireshark Security Advisory vom 2020-09-23", url: "https://www.wireshark.org/security/wnpa-sec-2020-12.html", }, { category: "external", summary: "Wireshark Security Advisory vom 2020-09-23", url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2020-1B390BEC14 vom 2020-10-09", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2020-1b390bec14", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3166-1 vom 2020-11-05", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007700.html", }, { category: "external", summary: "Debian Security Advisory DLA-2547 vom 2021-02-06", url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, ], source_lang: "en-US", title: "Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2023-07-30T22:00:00.000+00:00", generator: { date: "2024-08-15T17:56:19.589+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1917", initial_release_date: "2020-09-23T22:00:00.000+00:00", revision_history: [ { date: "2020-09-23T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2020-10-11T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2020-11-05T23:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-02-07T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Debian aufgenommen", }, { date: "2023-07-30T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "5", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { branches: [ { category: "product_name", name: "Open Source Wireshark < 3.2.7", product: { name: "Open Source Wireshark < 3.2.7", product_id: "T017337", product_identification_helper: { cpe: "cpe:/a:wireshark:wireshark:3.2.7", }, }, }, { category: "product_name", name: "Open Source Wireshark < 3.0.14", product: { name: "Open Source Wireshark < 3.0.14", product_id: "T017338", product_identification_helper: { cpe: "cpe:/a:wireshark:wireshark:3.0.14", }, }, }, { category: "product_name", name: "Open Source Wireshark < 2.6.20", product: { name: "Open Source Wireshark < 2.6.20", product_id: "T017339", product_identification_helper: { cpe: "cpe:/a:wireshark:wireshark:2.6.20", }, }, }, ], category: "product_name", name: "Wireshark", }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2020-25862", notes: [ { category: "description", text: "In Wireshark bestehen mehrere Schwachstellen aufgrund von Fehlern in den folgenden Komponenten: MIME Multipart Dissector, TCP Dissector und BLIP Dissector. Ein entfernter anonymer Angreifer kann dies ausnutzen, um einen Denial-of-Service Zustand herbeizuführen. Für eine erfolgreiche Ausnutzung muss der Angreifer einen Benutzer davon überzeugen, eine bösartig gestaltete Paketverfolgungsdatei zu öffnen, oder er muss bösartige Pakete in das Netzwerk des Opfers injizieren.", }, ], product_status: { known_affected: [ "2951", "T002207", "T000126", ], }, release_date: "2020-09-23T22:00:00.000+00:00", title: "CVE-2020-25862", }, { cve: "CVE-2020-25863", notes: [ { category: "description", text: "In Wireshark bestehen mehrere Schwachstellen aufgrund von Fehlern in den folgenden Komponenten: MIME Multipart Dissector, TCP Dissector und BLIP Dissector. Ein entfernter anonymer Angreifer kann dies ausnutzen, um einen Denial-of-Service Zustand herbeizuführen. Für eine erfolgreiche Ausnutzung muss der Angreifer einen Benutzer davon überzeugen, eine bösartig gestaltete Paketverfolgungsdatei zu öffnen, oder er muss bösartige Pakete in das Netzwerk des Opfers injizieren.", }, ], product_status: { known_affected: [ "2951", "T002207", "T000126", ], }, release_date: "2020-09-23T22:00:00.000+00:00", title: "CVE-2020-25863", }, { cve: "CVE-2020-25866", notes: [ { category: "description", text: "In Wireshark bestehen mehrere Schwachstellen aufgrund von Fehlern in den folgenden Komponenten: MIME Multipart Dissector, TCP Dissector und BLIP Dissector. Ein entfernter anonymer Angreifer kann dies ausnutzen, um einen Denial-of-Service Zustand herbeizuführen. Für eine erfolgreiche Ausnutzung muss der Angreifer einen Benutzer davon überzeugen, eine bösartig gestaltete Paketverfolgungsdatei zu öffnen, oder er muss bösartige Pakete in das Netzwerk des Opfers injizieren.", }, ], product_status: { known_affected: [ "2951", "T002207", "T000126", ], }, release_date: "2020-09-23T22:00:00.000+00:00", title: "CVE-2020-25866", }, ], }
gsd-2020-25866
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-25866", description: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", id: "GSD-2020-25866", references: [ "https://www.suse.com/security/cve/CVE-2020-25866.html", "https://advisories.mageia.org/CVE-2020-25866.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-25866", ], details: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", id: "GSD-2020-25866", modified: "2023-12-13T01:21:56.918269Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-25866", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", refsource: "MISC", url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { name: "https://gitlab.com/wireshark/wireshark/-/issues/16866", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/issues/16866", }, { name: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", }, { name: "FEDORA-2020-1b390bec14", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/", }, { name: "FEDORA-2020-1bf4b97c16", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/", }, { name: "FEDORA-2020-9bda6ae1cd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/", }, { name: "openSUSE-SU-2020:1878", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html", }, { name: "openSUSE-SU-2020:1882", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "3.0.13", versionStartIncluding: "3.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "3.2.6", versionStartIncluding: "3.2.0", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-25866", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-476", }, ], }, ], }, references: { reference_data: [ { name: "https://gitlab.com/wireshark/wireshark/-/issues/16866", refsource: "MISC", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16866", }, { name: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { name: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", }, { name: "FEDORA-2020-1b390bec14", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/", }, { name: "FEDORA-2020-1bf4b97c16", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/", }, { name: "FEDORA-2020-9bda6ae1cd", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/", }, { name: "openSUSE-SU-2020:1878", refsource: "SUSE", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html", }, { name: "openSUSE-SU-2020:1882", refsource: "SUSE", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2022-10-07T15:19Z", publishedDate: "2020-10-06T15:15Z", }, }, }
opensuse-su-2024:11513-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libwireshark14-3.4.8-1.2 on GA media
Notes
Title of the patch
libwireshark14-3.4.8-1.2 on GA media
Description of the patch
These are all security issues fixed in the libwireshark14-3.4.8-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11513
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "libwireshark14-3.4.8-1.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the libwireshark14-3.4.8-1.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-11513", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11513-1.json", }, { category: "self", summary: "SUSE CVE CVE-2006-1932 page", url: "https://www.suse.com/security/cve/CVE-2006-1932/", }, { category: "self", summary: "SUSE CVE CVE-2006-4574 page", url: "https://www.suse.com/security/cve/CVE-2006-4574/", }, { category: "self", summary: "SUSE CVE CVE-2006-4805 page", url: "https://www.suse.com/security/cve/CVE-2006-4805/", }, { category: "self", summary: "SUSE CVE CVE-2006-5468 page", url: "https://www.suse.com/security/cve/CVE-2006-5468/", }, { category: "self", summary: "SUSE CVE CVE-2006-5469 page", url: "https://www.suse.com/security/cve/CVE-2006-5469/", }, { category: "self", summary: "SUSE CVE CVE-2006-5740 page", url: "https://www.suse.com/security/cve/CVE-2006-5740/", }, { category: "self", summary: "SUSE CVE CVE-2007-0456 page", url: "https://www.suse.com/security/cve/CVE-2007-0456/", }, { category: "self", summary: "SUSE CVE CVE-2007-0457 page", url: "https://www.suse.com/security/cve/CVE-2007-0457/", }, { category: "self", summary: "SUSE CVE CVE-2007-0458 page", url: "https://www.suse.com/security/cve/CVE-2007-0458/", }, { category: "self", summary: "SUSE CVE CVE-2007-0459 page", url: "https://www.suse.com/security/cve/CVE-2007-0459/", }, { category: "self", summary: "SUSE CVE CVE-2017-11406 page", url: "https://www.suse.com/security/cve/CVE-2017-11406/", }, { category: "self", summary: "SUSE CVE CVE-2017-11407 page", url: "https://www.suse.com/security/cve/CVE-2017-11407/", }, { category: "self", summary: "SUSE CVE CVE-2017-11408 page", url: "https://www.suse.com/security/cve/CVE-2017-11408/", }, { category: "self", summary: "SUSE CVE CVE-2017-13764 page", url: "https://www.suse.com/security/cve/CVE-2017-13764/", }, { category: "self", summary: "SUSE CVE CVE-2017-13765 page", url: "https://www.suse.com/security/cve/CVE-2017-13765/", }, { category: "self", summary: "SUSE CVE CVE-2017-13766 page", url: "https://www.suse.com/security/cve/CVE-2017-13766/", }, { category: "self", summary: "SUSE CVE CVE-2017-13767 page", url: "https://www.suse.com/security/cve/CVE-2017-13767/", }, { category: "self", summary: "SUSE CVE CVE-2017-15189 page", url: "https://www.suse.com/security/cve/CVE-2017-15189/", }, { category: "self", summary: "SUSE CVE CVE-2017-15190 page", url: "https://www.suse.com/security/cve/CVE-2017-15190/", }, { category: "self", summary: "SUSE CVE CVE-2017-15191 page", url: "https://www.suse.com/security/cve/CVE-2017-15191/", }, { category: "self", summary: "SUSE CVE CVE-2017-15192 page", url: "https://www.suse.com/security/cve/CVE-2017-15192/", }, { category: "self", summary: "SUSE CVE CVE-2017-15193 page", url: "https://www.suse.com/security/cve/CVE-2017-15193/", }, { category: "self", summary: "SUSE CVE CVE-2017-17083 page", url: "https://www.suse.com/security/cve/CVE-2017-17083/", }, { category: "self", summary: "SUSE CVE CVE-2017-17084 page", url: "https://www.suse.com/security/cve/CVE-2017-17084/", }, { category: "self", summary: "SUSE CVE CVE-2017-17085 page", url: "https://www.suse.com/security/cve/CVE-2017-17085/", }, { category: "self", summary: "SUSE CVE CVE-2017-5596 page", url: "https://www.suse.com/security/cve/CVE-2017-5596/", }, { category: "self", summary: "SUSE CVE CVE-2017-5597 page", url: "https://www.suse.com/security/cve/CVE-2017-5597/", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2017-6467 page", url: "https://www.suse.com/security/cve/CVE-2017-6467/", }, { category: "self", summary: "SUSE CVE CVE-2017-6468 page", url: "https://www.suse.com/security/cve/CVE-2017-6468/", }, { category: "self", summary: "SUSE CVE CVE-2017-6469 page", url: "https://www.suse.com/security/cve/CVE-2017-6469/", }, { category: "self", summary: "SUSE CVE CVE-2017-6470 page", url: "https://www.suse.com/security/cve/CVE-2017-6470/", }, { category: "self", summary: "SUSE CVE CVE-2017-6471 page", url: "https://www.suse.com/security/cve/CVE-2017-6471/", }, { category: "self", summary: "SUSE CVE CVE-2017-6472 page", url: "https://www.suse.com/security/cve/CVE-2017-6472/", }, { category: "self", summary: "SUSE CVE CVE-2017-6473 page", url: "https://www.suse.com/security/cve/CVE-2017-6473/", }, { category: "self", summary: "SUSE CVE CVE-2017-6474 page", url: "https://www.suse.com/security/cve/CVE-2017-6474/", }, { category: "self", summary: "SUSE CVE CVE-2017-7700 page", url: "https://www.suse.com/security/cve/CVE-2017-7700/", }, { category: "self", summary: "SUSE CVE CVE-2017-7701 page", url: "https://www.suse.com/security/cve/CVE-2017-7701/", }, { category: "self", summary: "SUSE CVE CVE-2017-7702 page", url: "https://www.suse.com/security/cve/CVE-2017-7702/", }, { category: "self", summary: "SUSE CVE CVE-2017-7703 page", url: "https://www.suse.com/security/cve/CVE-2017-7703/", }, { category: "self", summary: "SUSE CVE CVE-2017-7704 page", url: "https://www.suse.com/security/cve/CVE-2017-7704/", }, { category: "self", summary: "SUSE CVE CVE-2017-7705 page", url: "https://www.suse.com/security/cve/CVE-2017-7705/", }, { category: "self", summary: "SUSE CVE CVE-2017-7745 page", url: "https://www.suse.com/security/cve/CVE-2017-7745/", }, { category: "self", summary: "SUSE CVE CVE-2017-7746 page", url: "https://www.suse.com/security/cve/CVE-2017-7746/", }, { category: "self", summary: "SUSE CVE CVE-2017-7747 page", url: "https://www.suse.com/security/cve/CVE-2017-7747/", }, { category: "self", summary: "SUSE CVE CVE-2017-7748 page", url: "https://www.suse.com/security/cve/CVE-2017-7748/", }, { category: "self", summary: "SUSE CVE CVE-2017-9343 page", url: "https://www.suse.com/security/cve/CVE-2017-9343/", }, { category: "self", summary: "SUSE CVE CVE-2017-9344 page", url: "https://www.suse.com/security/cve/CVE-2017-9344/", }, { category: "self", summary: "SUSE CVE CVE-2017-9345 page", url: "https://www.suse.com/security/cve/CVE-2017-9345/", }, { category: "self", summary: "SUSE CVE CVE-2017-9346 page", url: "https://www.suse.com/security/cve/CVE-2017-9346/", }, { category: "self", summary: "SUSE CVE CVE-2017-9347 page", url: "https://www.suse.com/security/cve/CVE-2017-9347/", }, { category: "self", summary: "SUSE CVE CVE-2017-9348 page", url: "https://www.suse.com/security/cve/CVE-2017-9348/", }, { category: "self", summary: "SUSE CVE CVE-2017-9349 page", url: "https://www.suse.com/security/cve/CVE-2017-9349/", }, { category: "self", summary: "SUSE CVE CVE-2017-9350 page", url: "https://www.suse.com/security/cve/CVE-2017-9350/", }, { category: "self", summary: "SUSE CVE CVE-2017-9351 page", url: "https://www.suse.com/security/cve/CVE-2017-9351/", }, { category: "self", summary: "SUSE CVE CVE-2017-9352 page", url: "https://www.suse.com/security/cve/CVE-2017-9352/", }, { category: "self", summary: "SUSE CVE CVE-2017-9353 page", url: "https://www.suse.com/security/cve/CVE-2017-9353/", }, { category: "self", summary: "SUSE CVE CVE-2017-9354 page", url: "https://www.suse.com/security/cve/CVE-2017-9354/", }, { category: "self", summary: "SUSE CVE CVE-2018-11354 page", url: "https://www.suse.com/security/cve/CVE-2018-11354/", }, { category: "self", summary: "SUSE CVE CVE-2018-11355 page", url: "https://www.suse.com/security/cve/CVE-2018-11355/", }, { category: "self", summary: "SUSE CVE CVE-2018-11356 page", url: "https://www.suse.com/security/cve/CVE-2018-11356/", }, { category: "self", summary: "SUSE CVE CVE-2018-11357 page", url: "https://www.suse.com/security/cve/CVE-2018-11357/", }, { category: "self", summary: "SUSE CVE CVE-2018-11358 page", url: "https://www.suse.com/security/cve/CVE-2018-11358/", }, { category: "self", summary: "SUSE CVE CVE-2018-11359 page", url: "https://www.suse.com/security/cve/CVE-2018-11359/", }, { category: "self", summary: "SUSE CVE CVE-2018-11360 page", url: "https://www.suse.com/security/cve/CVE-2018-11360/", }, { category: "self", summary: "SUSE CVE CVE-2018-11361 page", url: "https://www.suse.com/security/cve/CVE-2018-11361/", }, { category: "self", summary: "SUSE CVE CVE-2018-11362 page", url: "https://www.suse.com/security/cve/CVE-2018-11362/", }, { category: "self", summary: "SUSE CVE CVE-2018-12086 page", url: "https://www.suse.com/security/cve/CVE-2018-12086/", }, { category: "self", summary: "SUSE CVE CVE-2018-14339 page", url: "https://www.suse.com/security/cve/CVE-2018-14339/", }, { category: "self", summary: "SUSE CVE CVE-2018-14340 page", url: "https://www.suse.com/security/cve/CVE-2018-14340/", }, { category: "self", summary: "SUSE CVE CVE-2018-14341 page", url: "https://www.suse.com/security/cve/CVE-2018-14341/", }, { category: "self", summary: "SUSE CVE CVE-2018-14342 page", url: "https://www.suse.com/security/cve/CVE-2018-14342/", }, { category: "self", summary: "SUSE CVE CVE-2018-14343 page", url: "https://www.suse.com/security/cve/CVE-2018-14343/", }, { category: "self", summary: "SUSE CVE CVE-2018-14344 page", url: "https://www.suse.com/security/cve/CVE-2018-14344/", }, { category: "self", summary: "SUSE CVE CVE-2018-14367 page", url: "https://www.suse.com/security/cve/CVE-2018-14367/", }, { category: "self", summary: "SUSE CVE CVE-2018-14368 page", url: "https://www.suse.com/security/cve/CVE-2018-14368/", }, { category: "self", summary: "SUSE CVE CVE-2018-14369 page", url: "https://www.suse.com/security/cve/CVE-2018-14369/", }, { category: "self", summary: "SUSE CVE CVE-2018-14370 page", url: "https://www.suse.com/security/cve/CVE-2018-14370/", }, { category: "self", summary: "SUSE CVE CVE-2018-16056 page", url: "https://www.suse.com/security/cve/CVE-2018-16056/", }, { category: "self", summary: "SUSE CVE CVE-2018-16057 page", url: "https://www.suse.com/security/cve/CVE-2018-16057/", }, { category: "self", summary: "SUSE CVE CVE-2018-16058 page", url: "https://www.suse.com/security/cve/CVE-2018-16058/", }, { category: "self", summary: "SUSE CVE CVE-2018-18225 page", url: "https://www.suse.com/security/cve/CVE-2018-18225/", }, { category: "self", summary: "SUSE CVE CVE-2018-18226 page", url: "https://www.suse.com/security/cve/CVE-2018-18226/", }, { category: "self", summary: "SUSE CVE CVE-2018-18227 page", url: "https://www.suse.com/security/cve/CVE-2018-18227/", }, { category: "self", summary: "SUSE CVE CVE-2018-19622 page", url: "https://www.suse.com/security/cve/CVE-2018-19622/", }, { category: "self", summary: "SUSE CVE CVE-2018-19623 page", url: "https://www.suse.com/security/cve/CVE-2018-19623/", }, { category: "self", summary: "SUSE CVE CVE-2018-19624 page", url: "https://www.suse.com/security/cve/CVE-2018-19624/", }, { category: "self", summary: "SUSE CVE CVE-2018-19625 page", url: "https://www.suse.com/security/cve/CVE-2018-19625/", }, { category: "self", summary: "SUSE CVE CVE-2018-19626 page", url: "https://www.suse.com/security/cve/CVE-2018-19626/", }, { category: "self", summary: "SUSE CVE CVE-2018-19627 page", url: "https://www.suse.com/security/cve/CVE-2018-19627/", }, { category: "self", summary: "SUSE CVE CVE-2018-19628 page", url: "https://www.suse.com/security/cve/CVE-2018-19628/", }, { category: "self", summary: "SUSE CVE CVE-2018-5334 page", url: "https://www.suse.com/security/cve/CVE-2018-5334/", }, { category: "self", summary: "SUSE CVE CVE-2018-5335 page", url: "https://www.suse.com/security/cve/CVE-2018-5335/", }, { category: "self", summary: "SUSE CVE CVE-2018-5336 page", url: "https://www.suse.com/security/cve/CVE-2018-5336/", }, { category: "self", summary: "SUSE CVE CVE-2018-7320 page", url: "https://www.suse.com/security/cve/CVE-2018-7320/", }, { category: "self", summary: "SUSE CVE CVE-2018-7321 page", url: "https://www.suse.com/security/cve/CVE-2018-7321/", }, { category: "self", summary: "SUSE CVE CVE-2018-7325 page", url: "https://www.suse.com/security/cve/CVE-2018-7325/", }, { category: "self", summary: "SUSE CVE CVE-2018-7329 page", url: "https://www.suse.com/security/cve/CVE-2018-7329/", }, { category: "self", summary: "SUSE CVE CVE-2018-7333 page", url: "https://www.suse.com/security/cve/CVE-2018-7333/", }, { category: "self", summary: "SUSE CVE CVE-2018-7334 page", url: "https://www.suse.com/security/cve/CVE-2018-7334/", }, { category: "self", summary: "SUSE CVE CVE-2018-7335 page", url: "https://www.suse.com/security/cve/CVE-2018-7335/", }, { category: "self", summary: "SUSE CVE CVE-2018-7336 page", url: "https://www.suse.com/security/cve/CVE-2018-7336/", }, { category: "self", summary: "SUSE CVE CVE-2018-7337 page", url: "https://www.suse.com/security/cve/CVE-2018-7337/", }, { category: "self", summary: "SUSE CVE CVE-2018-7417 page", url: "https://www.suse.com/security/cve/CVE-2018-7417/", }, { category: "self", summary: "SUSE CVE CVE-2018-7418 page", url: "https://www.suse.com/security/cve/CVE-2018-7418/", }, { category: "self", summary: "SUSE CVE CVE-2018-7419 page", url: "https://www.suse.com/security/cve/CVE-2018-7419/", }, { category: "self", summary: "SUSE CVE CVE-2018-7420 page", url: "https://www.suse.com/security/cve/CVE-2018-7420/", }, { category: "self", summary: "SUSE CVE CVE-2018-9256 page", url: "https://www.suse.com/security/cve/CVE-2018-9256/", }, { category: "self", summary: "SUSE CVE CVE-2018-9257 page", url: "https://www.suse.com/security/cve/CVE-2018-9257/", }, { category: "self", summary: "SUSE CVE CVE-2018-9258 page", url: "https://www.suse.com/security/cve/CVE-2018-9258/", }, { category: "self", summary: "SUSE CVE CVE-2018-9260 page", url: "https://www.suse.com/security/cve/CVE-2018-9260/", }, { category: "self", summary: "SUSE CVE CVE-2018-9261 page", url: "https://www.suse.com/security/cve/CVE-2018-9261/", }, { category: "self", summary: "SUSE CVE CVE-2018-9262 page", url: "https://www.suse.com/security/cve/CVE-2018-9262/", }, { category: "self", summary: "SUSE CVE CVE-2018-9263 page", url: "https://www.suse.com/security/cve/CVE-2018-9263/", }, { category: "self", summary: "SUSE CVE CVE-2018-9264 page", url: "https://www.suse.com/security/cve/CVE-2018-9264/", }, { category: "self", summary: "SUSE CVE CVE-2018-9265 page", url: "https://www.suse.com/security/cve/CVE-2018-9265/", }, { category: "self", summary: "SUSE CVE CVE-2018-9269 page", url: "https://www.suse.com/security/cve/CVE-2018-9269/", }, { category: "self", summary: "SUSE CVE CVE-2018-9273 page", url: "https://www.suse.com/security/cve/CVE-2018-9273/", }, { category: "self", summary: "SUSE CVE CVE-2019-10894 page", url: "https://www.suse.com/security/cve/CVE-2019-10894/", }, { category: "self", summary: "SUSE CVE CVE-2019-10895 page", url: "https://www.suse.com/security/cve/CVE-2019-10895/", }, { category: "self", summary: "SUSE CVE CVE-2019-10896 page", url: "https://www.suse.com/security/cve/CVE-2019-10896/", }, { category: "self", summary: "SUSE CVE CVE-2019-10897 page", url: "https://www.suse.com/security/cve/CVE-2019-10897/", }, { category: "self", summary: "SUSE CVE CVE-2019-10898 page", url: "https://www.suse.com/security/cve/CVE-2019-10898/", }, { category: "self", summary: "SUSE CVE CVE-2019-10899 page", url: "https://www.suse.com/security/cve/CVE-2019-10899/", }, { category: "self", summary: "SUSE CVE CVE-2019-10900 page", url: "https://www.suse.com/security/cve/CVE-2019-10900/", }, { category: "self", summary: "SUSE CVE CVE-2019-10901 page", url: "https://www.suse.com/security/cve/CVE-2019-10901/", }, { category: "self", summary: "SUSE CVE CVE-2019-10902 page", url: "https://www.suse.com/security/cve/CVE-2019-10902/", }, { category: "self", summary: "SUSE CVE CVE-2019-10903 page", url: "https://www.suse.com/security/cve/CVE-2019-10903/", }, { category: "self", summary: "SUSE CVE CVE-2019-13619 page", url: "https://www.suse.com/security/cve/CVE-2019-13619/", }, { category: "self", summary: "SUSE CVE CVE-2019-16319 page", url: "https://www.suse.com/security/cve/CVE-2019-16319/", }, { category: "self", summary: "SUSE CVE CVE-2019-19553 page", url: "https://www.suse.com/security/cve/CVE-2019-19553/", }, { category: "self", summary: "SUSE CVE CVE-2019-5716 page", url: "https://www.suse.com/security/cve/CVE-2019-5716/", }, { category: "self", summary: "SUSE CVE CVE-2019-5717 page", url: "https://www.suse.com/security/cve/CVE-2019-5717/", }, { category: "self", summary: "SUSE CVE CVE-2019-5718 page", url: "https://www.suse.com/security/cve/CVE-2019-5718/", }, { category: "self", summary: "SUSE CVE CVE-2019-5719 page", url: "https://www.suse.com/security/cve/CVE-2019-5719/", }, { category: "self", summary: "SUSE CVE CVE-2019-5721 page", url: "https://www.suse.com/security/cve/CVE-2019-5721/", }, { category: "self", summary: "SUSE CVE CVE-2019-9208 page", url: "https://www.suse.com/security/cve/CVE-2019-9208/", }, { category: "self", summary: "SUSE CVE CVE-2019-9209 page", url: "https://www.suse.com/security/cve/CVE-2019-9209/", }, { category: "self", summary: "SUSE CVE CVE-2019-9214 page", url: "https://www.suse.com/security/cve/CVE-2019-9214/", }, { category: "self", summary: "SUSE CVE CVE-2020-11647 page", url: "https://www.suse.com/security/cve/CVE-2020-11647/", }, { category: "self", summary: "SUSE CVE CVE-2020-13164 page", url: "https://www.suse.com/security/cve/CVE-2020-13164/", }, { category: "self", summary: "SUSE CVE CVE-2020-15466 page", url: "https://www.suse.com/security/cve/CVE-2020-15466/", }, { category: "self", summary: "SUSE CVE CVE-2020-17498 page", url: "https://www.suse.com/security/cve/CVE-2020-17498/", }, { category: "self", summary: "SUSE CVE CVE-2020-25862 page", url: "https://www.suse.com/security/cve/CVE-2020-25862/", }, { category: "self", summary: "SUSE CVE CVE-2020-25863 page", url: "https://www.suse.com/security/cve/CVE-2020-25863/", }, { category: "self", summary: "SUSE CVE CVE-2020-25866 page", url: "https://www.suse.com/security/cve/CVE-2020-25866/", }, { category: "self", summary: "SUSE CVE CVE-2020-26418 page", url: "https://www.suse.com/security/cve/CVE-2020-26418/", }, { category: "self", summary: "SUSE CVE CVE-2020-26419 page", url: "https://www.suse.com/security/cve/CVE-2020-26419/", }, { category: "self", summary: "SUSE CVE CVE-2020-26420 page", url: "https://www.suse.com/security/cve/CVE-2020-26420/", }, { category: "self", summary: "SUSE CVE CVE-2020-26421 page", url: "https://www.suse.com/security/cve/CVE-2020-26421/", }, { category: "self", summary: "SUSE CVE CVE-2020-26422 page", url: "https://www.suse.com/security/cve/CVE-2020-26422/", }, { category: "self", summary: "SUSE CVE CVE-2020-26575 page", url: "https://www.suse.com/security/cve/CVE-2020-26575/", }, { category: "self", summary: "SUSE CVE CVE-2020-28030 page", url: "https://www.suse.com/security/cve/CVE-2020-28030/", }, { category: "self", summary: "SUSE CVE CVE-2020-7044 page", url: "https://www.suse.com/security/cve/CVE-2020-7044/", }, { category: "self", summary: "SUSE CVE CVE-2020-9428 page", url: "https://www.suse.com/security/cve/CVE-2020-9428/", }, { category: "self", summary: "SUSE CVE CVE-2020-9429 page", url: "https://www.suse.com/security/cve/CVE-2020-9429/", }, { category: "self", summary: "SUSE CVE CVE-2020-9430 page", url: "https://www.suse.com/security/cve/CVE-2020-9430/", }, { category: "self", summary: "SUSE CVE CVE-2020-9431 page", url: "https://www.suse.com/security/cve/CVE-2020-9431/", }, { category: "self", summary: "SUSE CVE CVE-2021-22173 page", url: "https://www.suse.com/security/cve/CVE-2021-22173/", }, { category: "self", summary: "SUSE CVE CVE-2021-22174 page", url: "https://www.suse.com/security/cve/CVE-2021-22174/", }, { category: "self", summary: "SUSE CVE CVE-2021-22191 page", url: "https://www.suse.com/security/cve/CVE-2021-22191/", }, { category: "self", summary: "SUSE CVE CVE-2021-22207 page", url: "https://www.suse.com/security/cve/CVE-2021-22207/", }, { category: "self", summary: "SUSE CVE CVE-2021-22235 page", url: "https://www.suse.com/security/cve/CVE-2021-22235/", }, ], title: "libwireshark14-3.4.8-1.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:11513-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libwireshark14-3.4.8-1.2.aarch64", product: { name: "libwireshark14-3.4.8-1.2.aarch64", product_id: "libwireshark14-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "libwiretap11-3.4.8-1.2.aarch64", product: { name: "libwiretap11-3.4.8-1.2.aarch64", product_id: "libwiretap11-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "libwsutil12-3.4.8-1.2.aarch64", product: { name: "libwsutil12-3.4.8-1.2.aarch64", product_id: "libwsutil12-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "wireshark-3.4.8-1.2.aarch64", product: { name: "wireshark-3.4.8-1.2.aarch64", product_id: "wireshark-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "wireshark-devel-3.4.8-1.2.aarch64", product: { name: "wireshark-devel-3.4.8-1.2.aarch64", product_id: "wireshark-devel-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.4.8-1.2.aarch64", product: { name: "wireshark-ui-qt-3.4.8-1.2.aarch64", product_id: "wireshark-ui-qt-3.4.8-1.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libwireshark14-3.4.8-1.2.ppc64le", product: { name: "libwireshark14-3.4.8-1.2.ppc64le", product_id: "libwireshark14-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "libwiretap11-3.4.8-1.2.ppc64le", product: { name: "libwiretap11-3.4.8-1.2.ppc64le", product_id: "libwiretap11-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "libwsutil12-3.4.8-1.2.ppc64le", product: { name: "libwsutil12-3.4.8-1.2.ppc64le", product_id: "libwsutil12-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "wireshark-3.4.8-1.2.ppc64le", product: { name: "wireshark-3.4.8-1.2.ppc64le", product_id: "wireshark-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "wireshark-devel-3.4.8-1.2.ppc64le", product: { name: "wireshark-devel-3.4.8-1.2.ppc64le", product_id: "wireshark-devel-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "wireshark-ui-qt-3.4.8-1.2.ppc64le", product: { name: "wireshark-ui-qt-3.4.8-1.2.ppc64le", product_id: "wireshark-ui-qt-3.4.8-1.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libwireshark14-3.4.8-1.2.s390x", product: { name: "libwireshark14-3.4.8-1.2.s390x", product_id: "libwireshark14-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "libwiretap11-3.4.8-1.2.s390x", product: { name: "libwiretap11-3.4.8-1.2.s390x", product_id: "libwiretap11-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "libwsutil12-3.4.8-1.2.s390x", product: { name: "libwsutil12-3.4.8-1.2.s390x", product_id: "libwsutil12-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "wireshark-3.4.8-1.2.s390x", product: { name: "wireshark-3.4.8-1.2.s390x", product_id: "wireshark-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "wireshark-devel-3.4.8-1.2.s390x", product: { name: "wireshark-devel-3.4.8-1.2.s390x", product_id: "wireshark-devel-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "wireshark-ui-qt-3.4.8-1.2.s390x", product: { name: "wireshark-ui-qt-3.4.8-1.2.s390x", product_id: "wireshark-ui-qt-3.4.8-1.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libwireshark14-3.4.8-1.2.x86_64", product: { name: "libwireshark14-3.4.8-1.2.x86_64", product_id: "libwireshark14-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "libwiretap11-3.4.8-1.2.x86_64", product: { name: "libwiretap11-3.4.8-1.2.x86_64", product_id: "libwiretap11-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "libwsutil12-3.4.8-1.2.x86_64", product: { name: "libwsutil12-3.4.8-1.2.x86_64", product_id: "libwsutil12-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "wireshark-3.4.8-1.2.x86_64", product: { name: "wireshark-3.4.8-1.2.x86_64", product_id: "wireshark-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "wireshark-devel-3.4.8-1.2.x86_64", product: { name: "wireshark-devel-3.4.8-1.2.x86_64", product_id: "wireshark-devel-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.4.8-1.2.x86_64", product: { name: "wireshark-ui-qt-3.4.8-1.2.x86_64", product_id: "wireshark-ui-qt-3.4.8-1.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libwireshark14-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", }, product_reference: "libwireshark14-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwireshark14-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", }, product_reference: "libwireshark14-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwireshark14-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", }, product_reference: "libwireshark14-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwireshark14-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", }, product_reference: "libwireshark14-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwiretap11-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", }, product_reference: "libwiretap11-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwiretap11-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", }, product_reference: "libwiretap11-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwiretap11-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", }, product_reference: "libwiretap11-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwiretap11-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", }, product_reference: "libwiretap11-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwsutil12-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", }, product_reference: "libwsutil12-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwsutil12-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", }, product_reference: "libwsutil12-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwsutil12-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", }, product_reference: "libwsutil12-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwsutil12-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", }, product_reference: "libwsutil12-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", }, product_reference: "wireshark-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", }, product_reference: "wireshark-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", }, product_reference: "wireshark-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", }, product_reference: "wireshark-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", }, product_reference: "wireshark-devel-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", }, product_reference: "wireshark-devel-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", }, product_reference: "wireshark-devel-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", }, product_reference: "wireshark-devel-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", }, product_reference: "wireshark-ui-qt-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", }, product_reference: "wireshark-ui-qt-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", }, product_reference: "wireshark-ui-qt-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", }, product_reference: "wireshark-ui-qt-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2006-1932", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-1932", }, ], notes: [ { category: "general", text: "Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-1932", url: "https://www.suse.com/security/cve/CVE-2006-1932", }, { category: "external", summary: "SUSE Bug 167928 for CVE-2006-1932", url: "https://bugzilla.suse.com/167928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2006-1932", }, { cve: "CVE-2006-4574", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-4574", }, ], notes: [ { category: "general", text: "Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-4574", url: "https://www.suse.com/security/cve/CVE-2006-4574", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-4574", url: "https://bugzilla.suse.com/213226", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2006-4574", }, { cve: "CVE-2006-4805", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-4805", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-4805", url: "https://www.suse.com/security/cve/CVE-2006-4805", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-4805", url: "https://bugzilla.suse.com/213226", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-4805", }, { cve: "CVE-2006-5468", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-5468", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-5468", url: "https://www.suse.com/security/cve/CVE-2006-5468", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-5468", url: "https://bugzilla.suse.com/213226", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-5468", }, { cve: "CVE-2006-5469", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-5469", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-5469", url: "https://www.suse.com/security/cve/CVE-2006-5469", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-5469", url: "https://bugzilla.suse.com/213226", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-5469", }, { cve: "CVE-2006-5740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-5740", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-5740", url: "https://www.suse.com/security/cve/CVE-2006-5740", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-5740", url: "https://bugzilla.suse.com/213226", }, { category: "external", summary: "SUSE Bug 374694 for CVE-2006-5740", url: "https://bugzilla.suse.com/374694", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-5740", }, { cve: "CVE-2007-0456", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-0456", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-0456", url: "https://www.suse.com/security/cve/CVE-2007-0456", }, { category: "external", summary: "SUSE Bug 237246 for CVE-2007-0456", url: "https://bugzilla.suse.com/237246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-0456", }, { cve: "CVE-2007-0457", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-0457", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-0457", url: "https://www.suse.com/security/cve/CVE-2007-0457", }, { category: "external", summary: "SUSE Bug 237246 for CVE-2007-0457", url: "https://bugzilla.suse.com/237246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-0457", }, { cve: "CVE-2007-0458", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-0458", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-0458", url: "https://www.suse.com/security/cve/CVE-2007-0458", }, { category: "external", summary: "SUSE Bug 237246 for CVE-2007-0458", url: "https://bugzilla.suse.com/237246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-0458", }, { cve: "CVE-2007-0459", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-0459", }, ], notes: [ { category: "general", text: "packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-0459", url: "https://www.suse.com/security/cve/CVE-2007-0459", }, { category: "external", summary: "SUSE Bug 237246 for CVE-2007-0459", url: "https://bugzilla.suse.com/237246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-0459", }, { cve: "CVE-2017-11406", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11406", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11406", url: "https://www.suse.com/security/cve/CVE-2017-11406", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-11406", url: "https://bugzilla.suse.com/1049255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-11406", }, { cve: "CVE-2017-11407", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11407", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11407", url: "https://www.suse.com/security/cve/CVE-2017-11407", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-11407", url: "https://bugzilla.suse.com/1049255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-11407", }, { cve: "CVE-2017-11408", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11408", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11408", url: "https://www.suse.com/security/cve/CVE-2017-11408", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-11408", url: "https://bugzilla.suse.com/1049255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-11408", }, { cve: "CVE-2017-13764", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13764", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13764", url: "https://www.suse.com/security/cve/CVE-2017-13764", }, { category: "external", summary: "SUSE Bug 1056250 for CVE-2017-13764", url: "https://bugzilla.suse.com/1056250", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-13764", }, { cve: "CVE-2017-13765", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13765", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13765", url: "https://www.suse.com/security/cve/CVE-2017-13765", }, { category: "external", summary: "SUSE Bug 1056251 for CVE-2017-13765", url: "https://bugzilla.suse.com/1056251", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-13765", }, { cve: "CVE-2017-13766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13766", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13766", url: "https://www.suse.com/security/cve/CVE-2017-13766", }, { category: "external", summary: "SUSE Bug 1056249 for CVE-2017-13766", url: "https://bugzilla.suse.com/1056249", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-13766", }, { cve: "CVE-2017-13767", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13767", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13767", url: "https://www.suse.com/security/cve/CVE-2017-13767", }, { category: "external", summary: "SUSE Bug 1056248 for CVE-2017-13767", url: "https://bugzilla.suse.com/1056248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-13767", }, { cve: "CVE-2017-15189", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15189", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15189", url: "https://www.suse.com/security/cve/CVE-2017-15189", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15189", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15189", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15189", }, { cve: "CVE-2017-15190", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15190", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15190", url: "https://www.suse.com/security/cve/CVE-2017-15190", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15190", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15190", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15190", }, { cve: "CVE-2017-15191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15191", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15191", url: "https://www.suse.com/security/cve/CVE-2017-15191", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15191", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15191", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15191", }, { cve: "CVE-2017-15192", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15192", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15192", url: "https://www.suse.com/security/cve/CVE-2017-15192", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15192", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15192", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15192", }, { cve: "CVE-2017-15193", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15193", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15193", url: "https://www.suse.com/security/cve/CVE-2017-15193", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15193", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15193", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15193", }, { cve: "CVE-2017-17083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17083", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17083", url: "https://www.suse.com/security/cve/CVE-2017-17083", }, { category: "external", summary: "SUSE Bug 1070727 for CVE-2017-17083", url: "https://bugzilla.suse.com/1070727", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17083", }, { cve: "CVE-2017-17084", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17084", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17084", url: "https://www.suse.com/security/cve/CVE-2017-17084", }, { category: "external", summary: "SUSE Bug 1070727 for CVE-2017-17084", url: "https://bugzilla.suse.com/1070727", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17084", }, { cve: "CVE-2017-17085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17085", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17085", url: "https://www.suse.com/security/cve/CVE-2017-17085", }, { category: "external", summary: "SUSE Bug 1070727 for CVE-2017-17085", url: "https://bugzilla.suse.com/1070727", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17085", }, { cve: "CVE-2017-5596", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5596", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5596", url: "https://www.suse.com/security/cve/CVE-2017-5596", }, { category: "external", summary: "SUSE Bug 1021739 for CVE-2017-5596", url: "https://bugzilla.suse.com/1021739", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2017-5596", }, { cve: "CVE-2017-5597", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5597", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5597", url: "https://www.suse.com/security/cve/CVE-2017-5597", }, { category: "external", summary: "SUSE Bug 1021739 for CVE-2017-5597", url: "https://bugzilla.suse.com/1021739", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2017-5597", }, { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2017-6467", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6467", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6467", url: "https://www.suse.com/security/cve/CVE-2017-6467", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6467", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148181 for CVE-2017-6467", url: "https://bugzilla.suse.com/1148181", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6467", }, { cve: "CVE-2017-6468", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6468", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6468", url: "https://www.suse.com/security/cve/CVE-2017-6468", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6468", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148182 for CVE-2017-6468", url: "https://bugzilla.suse.com/1148182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6468", }, { cve: "CVE-2017-6469", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6469", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-ldss.c by ensuring that memory is allocated for a certain data structure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6469", url: "https://www.suse.com/security/cve/CVE-2017-6469", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6469", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148185 for CVE-2017-6469", url: "https://bugzilla.suse.com/1148185", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6469", }, { cve: "CVE-2017-6470", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6470", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by constraining packet lateness.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6470", url: "https://www.suse.com/security/cve/CVE-2017-6470", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6470", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148186 for CVE-2017-6470", url: "https://bugzilla.suse.com/1148186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6470", }, { cve: "CVE-2017-6471", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6471", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6471", url: "https://www.suse.com/security/cve/CVE-2017-6471", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6471", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148187 for CVE-2017-6471", url: "https://bugzilla.suse.com/1148187", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6471", }, { cve: "CVE-2017-6472", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6472", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6472", url: "https://www.suse.com/security/cve/CVE-2017-6472", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6472", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148188 for CVE-2017-6472", url: "https://bugzilla.suse.com/1148188", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6472", }, { cve: "CVE-2017-6473", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6473", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6473", url: "https://www.suse.com/security/cve/CVE-2017-6473", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6473", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148189 for CVE-2017-6473", url: "https://bugzilla.suse.com/1148189", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6473", }, { cve: "CVE-2017-6474", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6474", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6474", url: "https://www.suse.com/security/cve/CVE-2017-6474", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6474", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148191 for CVE-2017-6474", url: "https://bugzilla.suse.com/1148191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6474", }, { cve: "CVE-2017-7700", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7700", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7700", url: "https://www.suse.com/security/cve/CVE-2017-7700", }, { category: "external", summary: "SUSE Bug 1033936 for CVE-2017-7700", url: "https://bugzilla.suse.com/1033936", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7700", }, { cve: "CVE-2017-7701", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7701", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7701", url: "https://www.suse.com/security/cve/CVE-2017-7701", }, { category: "external", summary: "SUSE Bug 1033937 for CVE-2017-7701", url: "https://bugzilla.suse.com/1033937", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7701", }, { cve: "CVE-2017-7702", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7702", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7702", url: "https://www.suse.com/security/cve/CVE-2017-7702", }, { category: "external", summary: "SUSE Bug 1033938 for CVE-2017-7702", url: "https://bugzilla.suse.com/1033938", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-7702", url: "https://bugzilla.suse.com/1049255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7702", }, { cve: "CVE-2017-7703", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7703", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7703", url: "https://www.suse.com/security/cve/CVE-2017-7703", }, { category: "external", summary: "SUSE Bug 1033939 for CVE-2017-7703", url: "https://bugzilla.suse.com/1033939", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7703", }, { cve: "CVE-2017-7704", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7704", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7704", url: "https://www.suse.com/security/cve/CVE-2017-7704", }, { category: "external", summary: "SUSE Bug 1033940 for CVE-2017-7704", url: "https://bugzilla.suse.com/1033940", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7704", }, { cve: "CVE-2017-7705", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7705", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7705", url: "https://www.suse.com/security/cve/CVE-2017-7705", }, { category: "external", summary: "SUSE Bug 1033941 for CVE-2017-7705", url: "https://bugzilla.suse.com/1033941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7705", }, { cve: "CVE-2017-7745", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7745", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7745", url: "https://www.suse.com/security/cve/CVE-2017-7745", }, { category: "external", summary: "SUSE Bug 1033942 for CVE-2017-7745", url: "https://bugzilla.suse.com/1033942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7745", }, { cve: "CVE-2017-7746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7746", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7746", url: "https://www.suse.com/security/cve/CVE-2017-7746", }, { category: "external", summary: "SUSE Bug 1033943 for CVE-2017-7746", url: "https://bugzilla.suse.com/1033943", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7746", }, { cve: "CVE-2017-7747", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7747", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7747", url: "https://www.suse.com/security/cve/CVE-2017-7747", }, { category: "external", summary: "SUSE Bug 1033944 for CVE-2017-7747", url: "https://bugzilla.suse.com/1033944", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7747", }, { cve: "CVE-2017-7748", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7748", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7748", url: "https://www.suse.com/security/cve/CVE-2017-7748", }, { category: "external", summary: "SUSE Bug 1033945 for CVE-2017-7748", url: "https://bugzilla.suse.com/1033945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7748", }, { cve: "CVE-2017-9343", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9343", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9343", url: "https://www.suse.com/security/cve/CVE-2017-9343", }, { category: "external", summary: "SUSE Bug 1042309 for CVE-2017-9343", url: "https://bugzilla.suse.com/1042309", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9343", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9343", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9343", url: "https://bugzilla.suse.com/1042331", }, { category: "external", summary: "SUSE Bug 1077080 for CVE-2017-9343", url: "https://bugzilla.suse.com/1077080", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9343", }, { cve: "CVE-2017-9344", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9344", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9344", url: "https://www.suse.com/security/cve/CVE-2017-9344", }, { category: "external", summary: "SUSE Bug 1042298 for CVE-2017-9344", url: "https://bugzilla.suse.com/1042298", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9344", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9344", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9344", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9344", }, { cve: "CVE-2017-9345", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9345", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9345", url: "https://www.suse.com/security/cve/CVE-2017-9345", }, { category: "external", summary: "SUSE Bug 1042300 for CVE-2017-9345", url: "https://bugzilla.suse.com/1042300", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9345", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9345", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9345", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9345", }, { cve: "CVE-2017-9346", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9346", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9346", url: "https://www.suse.com/security/cve/CVE-2017-9346", }, { category: "external", summary: "SUSE Bug 1042301 for CVE-2017-9346", url: "https://bugzilla.suse.com/1042301", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9346", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9346", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9346", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9346", }, { cve: "CVE-2017-9347", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9347", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9347", url: "https://www.suse.com/security/cve/CVE-2017-9347", }, { category: "external", summary: "SUSE Bug 1042308 for CVE-2017-9347", url: "https://bugzilla.suse.com/1042308", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9347", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9347", url: "https://bugzilla.suse.com/1042330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9347", }, { cve: "CVE-2017-9348", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9348", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9348", url: "https://www.suse.com/security/cve/CVE-2017-9348", }, { category: "external", summary: "SUSE Bug 1042303 for CVE-2017-9348", url: "https://bugzilla.suse.com/1042303", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9348", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9348", url: "https://bugzilla.suse.com/1042330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9348", }, { cve: "CVE-2017-9349", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9349", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9349", url: "https://www.suse.com/security/cve/CVE-2017-9349", }, { category: "external", summary: "SUSE Bug 1042305 for CVE-2017-9349", url: "https://bugzilla.suse.com/1042305", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9349", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9349", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9349", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9349", }, { cve: "CVE-2017-9350", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9350", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9350", url: "https://www.suse.com/security/cve/CVE-2017-9350", }, { category: "external", summary: "SUSE Bug 1042299 for CVE-2017-9350", url: "https://bugzilla.suse.com/1042299", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9350", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9350", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9350", url: "https://bugzilla.suse.com/1042331", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-9350", url: "https://bugzilla.suse.com/1049255", }, { category: "external", summary: "SUSE Bug 1049621 for CVE-2017-9350", url: "https://bugzilla.suse.com/1049621", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9350", }, { cve: "CVE-2017-9351", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9351", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9351", url: "https://www.suse.com/security/cve/CVE-2017-9351", }, { category: "external", summary: "SUSE Bug 1042302 for CVE-2017-9351", url: "https://bugzilla.suse.com/1042302", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9351", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9351", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9351", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9351", }, { cve: "CVE-2017-9352", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9352", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9352", url: "https://www.suse.com/security/cve/CVE-2017-9352", }, { category: "external", summary: "SUSE Bug 1042304 for CVE-2017-9352", url: "https://bugzilla.suse.com/1042304", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9352", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9352", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9352", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9352", }, { cve: "CVE-2017-9353", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9353", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9353", url: "https://www.suse.com/security/cve/CVE-2017-9353", }, { category: "external", summary: "SUSE Bug 1042306 for CVE-2017-9353", url: "https://bugzilla.suse.com/1042306", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9353", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9353", url: "https://bugzilla.suse.com/1042330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9353", }, { cve: "CVE-2017-9354", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9354", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9354", url: "https://www.suse.com/security/cve/CVE-2017-9354", }, { category: "external", summary: "SUSE Bug 1042307 for CVE-2017-9354", url: "https://bugzilla.suse.com/1042307", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9354", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9354", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9354", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9354", }, { cve: "CVE-2018-11354", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11354", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11354", url: "https://www.suse.com/security/cve/CVE-2018-11354", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11354", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11354", }, { cve: "CVE-2018-11355", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11355", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11355", url: "https://www.suse.com/security/cve/CVE-2018-11355", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11355", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11355", }, { cve: "CVE-2018-11356", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11356", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11356", url: "https://www.suse.com/security/cve/CVE-2018-11356", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11356", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11356", }, { cve: "CVE-2018-11357", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11357", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11357", url: "https://www.suse.com/security/cve/CVE-2018-11357", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11357", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11357", }, { cve: "CVE-2018-11358", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11358", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11358", url: "https://www.suse.com/security/cve/CVE-2018-11358", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11358", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11358", }, { cve: "CVE-2018-11359", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11359", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11359", url: "https://www.suse.com/security/cve/CVE-2018-11359", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11359", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11359", }, { cve: "CVE-2018-11360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11360", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11360", url: "https://www.suse.com/security/cve/CVE-2018-11360", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11360", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11360", }, { cve: "CVE-2018-11361", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11361", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11361", url: "https://www.suse.com/security/cve/CVE-2018-11361", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11361", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11361", }, { cve: "CVE-2018-11362", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11362", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11362", url: "https://www.suse.com/security/cve/CVE-2018-11362", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11362", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11362", }, { cve: "CVE-2018-12086", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12086", }, ], notes: [ { category: "general", text: "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12086", url: "https://www.suse.com/security/cve/CVE-2018-12086", }, { category: "external", summary: "SUSE Bug 1111647 for CVE-2018-12086", url: "https://bugzilla.suse.com/1111647", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-12086", }, { cve: "CVE-2018-14339", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14339", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14339", url: "https://www.suse.com/security/cve/CVE-2018-14339", }, { category: "external", summary: "SUSE Bug 1101810 for CVE-2018-14339", url: "https://bugzilla.suse.com/1101810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14339", }, { cve: "CVE-2018-14340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14340", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14340", url: "https://www.suse.com/security/cve/CVE-2018-14340", }, { category: "external", summary: "SUSE Bug 1101804 for CVE-2018-14340", url: "https://bugzilla.suse.com/1101804", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14340", }, { cve: "CVE-2018-14341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14341", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14341", url: "https://www.suse.com/security/cve/CVE-2018-14341", }, { category: "external", summary: "SUSE Bug 1101776 for CVE-2018-14341", url: "https://bugzilla.suse.com/1101776", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14341", }, { cve: "CVE-2018-14342", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14342", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14342", url: "https://www.suse.com/security/cve/CVE-2018-14342", }, { category: "external", summary: "SUSE Bug 1101777 for CVE-2018-14342", url: "https://bugzilla.suse.com/1101777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14342", }, { cve: "CVE-2018-14343", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14343", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14343", url: "https://www.suse.com/security/cve/CVE-2018-14343", }, { category: "external", summary: "SUSE Bug 1101786 for CVE-2018-14343", url: "https://bugzilla.suse.com/1101786", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14343", }, { cve: "CVE-2018-14344", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14344", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14344", url: "https://www.suse.com/security/cve/CVE-2018-14344", }, { category: "external", summary: "SUSE Bug 1101788 for CVE-2018-14344", url: "https://bugzilla.suse.com/1101788", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14344", }, { cve: "CVE-2018-14367", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14367", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14367", url: "https://www.suse.com/security/cve/CVE-2018-14367", }, { category: "external", summary: "SUSE Bug 1101791 for CVE-2018-14367", url: "https://bugzilla.suse.com/1101791", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14367", }, { cve: "CVE-2018-14368", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14368", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14368", url: "https://www.suse.com/security/cve/CVE-2018-14368", }, { category: "external", summary: "SUSE Bug 1101794 for CVE-2018-14368", url: "https://bugzilla.suse.com/1101794", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14368", }, { cve: "CVE-2018-14369", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14369", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14369", url: "https://www.suse.com/security/cve/CVE-2018-14369", }, { category: "external", summary: "SUSE Bug 1101800 for CVE-2018-14369", url: "https://bugzilla.suse.com/1101800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14369", }, { cve: "CVE-2018-14370", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14370", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14370", url: "https://www.suse.com/security/cve/CVE-2018-14370", }, { category: "external", summary: "SUSE Bug 1101802 for CVE-2018-14370", url: "https://bugzilla.suse.com/1101802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14370", }, { cve: "CVE-2018-16056", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16056", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16056", url: "https://www.suse.com/security/cve/CVE-2018-16056", }, { category: "external", summary: "SUSE Bug 1106514 for CVE-2018-16056", url: "https://bugzilla.suse.com/1106514", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-16056", }, { cve: "CVE-2018-16057", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16057", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16057", url: "https://www.suse.com/security/cve/CVE-2018-16057", }, { category: "external", summary: "SUSE Bug 1106514 for CVE-2018-16057", url: "https://bugzilla.suse.com/1106514", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-16057", }, { cve: "CVE-2018-16058", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16058", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16058", url: "https://www.suse.com/security/cve/CVE-2018-16058", }, { category: "external", summary: "SUSE Bug 1106514 for CVE-2018-16058", url: "https://bugzilla.suse.com/1106514", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-16058", }, { cve: "CVE-2018-18225", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18225", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18225", url: "https://www.suse.com/security/cve/CVE-2018-18225", }, { category: "external", summary: "SUSE Bug 1111647 for CVE-2018-18225", url: "https://bugzilla.suse.com/1111647", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-18225", }, { cve: "CVE-2018-18226", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18226", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18226", url: "https://www.suse.com/security/cve/CVE-2018-18226", }, { category: "external", summary: "SUSE Bug 1111647 for CVE-2018-18226", url: "https://bugzilla.suse.com/1111647", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-18226", }, { cve: "CVE-2018-18227", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18227", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18227", url: "https://www.suse.com/security/cve/CVE-2018-18227", }, { category: "external", summary: "SUSE Bug 1111647 for CVE-2018-18227", url: "https://bugzilla.suse.com/1111647", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-18227", }, { cve: "CVE-2018-19622", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19622", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19622", url: "https://www.suse.com/security/cve/CVE-2018-19622", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19622", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19622", }, { cve: "CVE-2018-19623", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19623", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19623", url: "https://www.suse.com/security/cve/CVE-2018-19623", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19623", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19623", }, { cve: "CVE-2018-19624", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19624", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19624", url: "https://www.suse.com/security/cve/CVE-2018-19624", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19624", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19624", }, { cve: "CVE-2018-19625", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19625", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19625", url: "https://www.suse.com/security/cve/CVE-2018-19625", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19625", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19625", }, { cve: "CVE-2018-19626", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19626", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\\0' termination.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19626", url: "https://www.suse.com/security/cve/CVE-2018-19626", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19626", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19626", }, { cve: "CVE-2018-19627", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19627", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19627", url: "https://www.suse.com/security/cve/CVE-2018-19627", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19627", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19627", }, { cve: "CVE-2018-19628", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19628", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19628", url: "https://www.suse.com/security/cve/CVE-2018-19628", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19628", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-19628", }, { cve: "CVE-2018-5334", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5334", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5334", url: "https://www.suse.com/security/cve/CVE-2018-5334", }, { category: "external", summary: "SUSE Bug 1075737 for CVE-2018-5334", url: "https://bugzilla.suse.com/1075737", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-5334", }, { cve: "CVE-2018-5335", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5335", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5335", url: "https://www.suse.com/security/cve/CVE-2018-5335", }, { category: "external", summary: "SUSE Bug 1075738 for CVE-2018-5335", url: "https://bugzilla.suse.com/1075738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-5335", }, { cve: "CVE-2018-5336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5336", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5336", url: "https://www.suse.com/security/cve/CVE-2018-5336", }, { category: "external", summary: "SUSE Bug 1075739 for CVE-2018-5336", url: "https://bugzilla.suse.com/1075739", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-5336", }, { cve: "CVE-2018-7320", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7320", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7320", url: "https://www.suse.com/security/cve/CVE-2018-7320", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7320", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7320", }, { cve: "CVE-2018-7321", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7321", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7321", url: "https://www.suse.com/security/cve/CVE-2018-7321", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7321", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7321", }, { cve: "CVE-2018-7325", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7325", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7325", url: "https://www.suse.com/security/cve/CVE-2018-7325", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7325", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7325", }, { cve: "CVE-2018-7329", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7329", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7329", url: "https://www.suse.com/security/cve/CVE-2018-7329", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7329", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7329", }, { cve: "CVE-2018-7333", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7333", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7333", url: "https://www.suse.com/security/cve/CVE-2018-7333", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7333", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7333", }, { cve: "CVE-2018-7334", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7334", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7334", url: "https://www.suse.com/security/cve/CVE-2018-7334", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7334", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7334", }, { cve: "CVE-2018-7335", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7335", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7335", url: "https://www.suse.com/security/cve/CVE-2018-7335", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7335", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7335", }, { cve: "CVE-2018-7336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7336", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7336", url: "https://www.suse.com/security/cve/CVE-2018-7336", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7336", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7336", }, { cve: "CVE-2018-7337", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7337", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7337", url: "https://www.suse.com/security/cve/CVE-2018-7337", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7337", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7337", }, { cve: "CVE-2018-7417", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7417", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7417", url: "https://www.suse.com/security/cve/CVE-2018-7417", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7417", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7417", }, { cve: "CVE-2018-7418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7418", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7418", url: "https://www.suse.com/security/cve/CVE-2018-7418", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7418", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7418", }, { cve: "CVE-2018-7419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7419", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7419", url: "https://www.suse.com/security/cve/CVE-2018-7419", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7419", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7419", }, { cve: "CVE-2018-7420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7420", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7420", url: "https://www.suse.com/security/cve/CVE-2018-7420", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7420", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7420", }, { cve: "CVE-2018-9256", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9256", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9256", url: "https://www.suse.com/security/cve/CVE-2018-9256", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9256", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9256", }, { cve: "CVE-2018-9257", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9257", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9257", url: "https://www.suse.com/security/cve/CVE-2018-9257", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9257", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9257", }, { cve: "CVE-2018-9258", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9258", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9258", url: "https://www.suse.com/security/cve/CVE-2018-9258", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9258", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9258", }, { cve: "CVE-2018-9260", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9260", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash. This was addressed in epan/dissectors/packet-ieee802154.c by ensuring that an allocation step occurs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9260", url: "https://www.suse.com/security/cve/CVE-2018-9260", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9260", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9260", }, { cve: "CVE-2018-9261", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9261", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9261", url: "https://www.suse.com/security/cve/CVE-2018-9261", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9261", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9261", }, { cve: "CVE-2018-9262", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9262", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9262", url: "https://www.suse.com/security/cve/CVE-2018-9262", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9262", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9262", }, { cve: "CVE-2018-9263", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9263", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9263", url: "https://www.suse.com/security/cve/CVE-2018-9263", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9263", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9263", }, { cve: "CVE-2018-9264", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9264", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9264", url: "https://www.suse.com/security/cve/CVE-2018-9264", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9264", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9264", }, { cve: "CVE-2018-9265", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9265", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9265", url: "https://www.suse.com/security/cve/CVE-2018-9265", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9265", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9265", }, { cve: "CVE-2018-9269", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9269", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9269", url: "https://www.suse.com/security/cve/CVE-2018-9269", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9269", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9269", }, { cve: "CVE-2018-9273", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9273", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9273", url: "https://www.suse.com/security/cve/CVE-2018-9273", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9273", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9273", }, { cve: "CVE-2019-10894", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10894", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10894", url: "https://www.suse.com/security/cve/CVE-2019-10894", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10894", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10894", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10894", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10894", }, { cve: "CVE-2019-10895", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10895", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10895", url: "https://www.suse.com/security/cve/CVE-2019-10895", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10895", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10895", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10895", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10895", }, { cve: "CVE-2019-10896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10896", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10896", url: "https://www.suse.com/security/cve/CVE-2019-10896", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10896", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10896", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10896", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10896", }, { cve: "CVE-2019-10897", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10897", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10897", url: "https://www.suse.com/security/cve/CVE-2019-10897", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10897", url: "https://bugzilla.suse.com/1131941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10897", }, { cve: "CVE-2019-10898", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10898", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10898", url: "https://www.suse.com/security/cve/CVE-2019-10898", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10898", url: "https://bugzilla.suse.com/1131941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10898", }, { cve: "CVE-2019-10899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10899", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10899", url: "https://www.suse.com/security/cve/CVE-2019-10899", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10899", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10899", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10899", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10899", }, { cve: "CVE-2019-10900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10900", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10900", url: "https://www.suse.com/security/cve/CVE-2019-10900", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10900", url: "https://bugzilla.suse.com/1131941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10900", }, { cve: "CVE-2019-10901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10901", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10901", url: "https://www.suse.com/security/cve/CVE-2019-10901", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10901", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10901", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10901", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10901", }, { cve: "CVE-2019-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10902", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10902", url: "https://www.suse.com/security/cve/CVE-2019-10902", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10902", url: "https://bugzilla.suse.com/1131941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10902", }, { cve: "CVE-2019-10903", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10903", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10903", url: "https://www.suse.com/security/cve/CVE-2019-10903", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10903", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10903", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10903", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10903", }, { cve: "CVE-2019-13619", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13619", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13619", url: "https://www.suse.com/security/cve/CVE-2019-13619", }, { category: "external", summary: "SUSE Bug 1141980 for CVE-2019-13619", url: "https://bugzilla.suse.com/1141980", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-13619", }, { cve: "CVE-2019-16319", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16319", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16319", url: "https://www.suse.com/security/cve/CVE-2019-16319", }, { category: "external", summary: "SUSE Bug 1150690 for CVE-2019-16319", url: "https://bugzilla.suse.com/1150690", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-16319", }, { cve: "CVE-2019-19553", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19553", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19553", url: "https://www.suse.com/security/cve/CVE-2019-19553", }, { category: "external", summary: "SUSE Bug 1158505 for CVE-2019-19553", url: "https://bugzilla.suse.com/1158505", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-19553", }, { cve: "CVE-2019-5716", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5716", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5716", url: "https://www.suse.com/security/cve/CVE-2019-5716", }, { category: "external", summary: "SUSE Bug 1121231 for CVE-2019-5716", url: "https://bugzilla.suse.com/1121231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5716", }, { cve: "CVE-2019-5717", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5717", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5717", url: "https://www.suse.com/security/cve/CVE-2019-5717", }, { category: "external", summary: "SUSE Bug 1121232 for CVE-2019-5717", url: "https://bugzilla.suse.com/1121232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5717", }, { cve: "CVE-2019-5718", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5718", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5718", url: "https://www.suse.com/security/cve/CVE-2019-5718", }, { category: "external", summary: "SUSE Bug 1121233 for CVE-2019-5718", url: "https://bugzilla.suse.com/1121233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5718", }, { cve: "CVE-2019-5719", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5719", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5719", url: "https://www.suse.com/security/cve/CVE-2019-5719", }, { category: "external", summary: "SUSE Bug 1121234 for CVE-2019-5719", url: "https://bugzilla.suse.com/1121234", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5719", }, { cve: "CVE-2019-5721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5721", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5721", url: "https://www.suse.com/security/cve/CVE-2019-5721", }, { category: "external", summary: "SUSE Bug 1121235 for CVE-2019-5721", url: "https://bugzilla.suse.com/1121235", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5721", }, { cve: "CVE-2019-9208", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9208", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9208", url: "https://www.suse.com/security/cve/CVE-2019-9208", }, { category: "external", summary: "SUSE Bug 1127370 for CVE-2019-9208", url: "https://bugzilla.suse.com/1127370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-9208", }, { cve: "CVE-2019-9209", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9209", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9209", url: "https://www.suse.com/security/cve/CVE-2019-9209", }, { category: "external", summary: "SUSE Bug 1127369 for CVE-2019-9209", url: "https://bugzilla.suse.com/1127369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-9209", }, { cve: "CVE-2019-9214", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9214", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9214", url: "https://www.suse.com/security/cve/CVE-2019-9214", }, { category: "external", summary: "SUSE Bug 1127367 for CVE-2019-9214", url: "https://bugzilla.suse.com/1127367", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-9214", }, { cve: "CVE-2020-11647", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11647", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11647", url: "https://www.suse.com/security/cve/CVE-2020-11647", }, { category: "external", summary: "SUSE Bug 1169063 for CVE-2020-11647", url: "https://bugzilla.suse.com/1169063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-11647", }, { cve: "CVE-2020-13164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13164", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-13164", url: "https://www.suse.com/security/cve/CVE-2020-13164", }, { category: "external", summary: "SUSE Bug 1171899 for CVE-2020-13164", url: "https://bugzilla.suse.com/1171899", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-13164", }, { cve: "CVE-2020-15466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-15466", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-15466", url: "https://www.suse.com/security/cve/CVE-2020-15466", }, { category: "external", summary: "SUSE Bug 1173606 for CVE-2020-15466", url: "https://bugzilla.suse.com/1173606", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-15466", }, { cve: "CVE-2020-17498", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17498", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17498", url: "https://www.suse.com/security/cve/CVE-2020-17498", }, { category: "external", summary: "SUSE Bug 1175204 for CVE-2020-17498", url: "https://bugzilla.suse.com/1175204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-17498", }, { cve: "CVE-2020-25862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25862", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25862", url: "https://www.suse.com/security/cve/CVE-2020-25862", }, { category: "external", summary: "SUSE Bug 1176909 for CVE-2020-25862", url: "https://bugzilla.suse.com/1176909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25862", }, { cve: "CVE-2020-25863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25863", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25863", url: "https://www.suse.com/security/cve/CVE-2020-25863", }, { category: "external", summary: "SUSE Bug 1176908 for CVE-2020-25863", url: "https://bugzilla.suse.com/1176908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25863", }, { cve: "CVE-2020-25866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25866", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25866", url: "https://www.suse.com/security/cve/CVE-2020-25866", }, { category: "external", summary: "SUSE Bug 1176910 for CVE-2020-25866", url: "https://bugzilla.suse.com/1176910", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25866", }, { cve: "CVE-2020-26418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26418", }, ], notes: [ { category: "general", text: "Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26418", url: "https://www.suse.com/security/cve/CVE-2020-26418", }, { category: "external", summary: "SUSE Bug 1179930 for CVE-2020-26418", url: "https://bugzilla.suse.com/1179930", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-26418", }, { cve: "CVE-2020-26419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26419", }, ], notes: [ { category: "general", text: "Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26419", url: "https://www.suse.com/security/cve/CVE-2020-26419", }, { category: "external", summary: "SUSE Bug 1179931 for CVE-2020-26419", url: "https://bugzilla.suse.com/1179931", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26419", }, { cve: "CVE-2020-26420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26420", }, ], notes: [ { category: "general", text: "Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26420", url: "https://www.suse.com/security/cve/CVE-2020-26420", }, { category: "external", summary: "SUSE Bug 1179932 for CVE-2020-26420", url: "https://bugzilla.suse.com/1179932", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-26420", }, { cve: "CVE-2020-26421", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26421", }, ], notes: [ { category: "general", text: "Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26421", url: "https://www.suse.com/security/cve/CVE-2020-26421", }, { category: "external", summary: "SUSE Bug 1179933 for CVE-2020-26421", url: "https://bugzilla.suse.com/1179933", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26421", }, { cve: "CVE-2020-26422", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26422", }, ], notes: [ { category: "general", text: "Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26422", url: "https://www.suse.com/security/cve/CVE-2020-26422", }, { category: "external", summary: "SUSE Bug 1180232 for CVE-2020-26422", url: "https://bugzilla.suse.com/1180232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26422", }, { cve: "CVE-2020-26575", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26575", }, ], notes: [ { category: "general", text: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26575", url: "https://www.suse.com/security/cve/CVE-2020-26575", }, { category: "external", summary: "SUSE Bug 1177406 for CVE-2020-26575", url: "https://bugzilla.suse.com/1177406", }, { category: "external", summary: "SUSE Bug 1178290 for CVE-2020-26575", url: "https://bugzilla.suse.com/1178290", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26575", }, { cve: "CVE-2020-28030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-28030", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-28030", url: "https://www.suse.com/security/cve/CVE-2020-28030", }, { category: "external", summary: "SUSE Bug 1178291 for CVE-2020-28030", url: "https://bugzilla.suse.com/1178291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-28030", }, { cve: "CVE-2020-7044", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-7044", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-7044", url: "https://www.suse.com/security/cve/CVE-2020-7044", }, { category: "external", summary: "SUSE Bug 1161052 for CVE-2020-7044", url: "https://bugzilla.suse.com/1161052", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-7044", }, { cve: "CVE-2020-9428", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-9428", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-9428", url: "https://www.suse.com/security/cve/CVE-2020-9428", }, { category: "external", summary: "SUSE Bug 1165241 for CVE-2020-9428", url: "https://bugzilla.suse.com/1165241", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-9428", }, { cve: "CVE-2020-9429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-9429", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-9429", url: "https://www.suse.com/security/cve/CVE-2020-9429", }, { category: "external", summary: "SUSE Bug 1165241 for CVE-2020-9429", url: "https://bugzilla.suse.com/1165241", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-9429", }, { cve: "CVE-2020-9430", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-9430", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-9430", url: "https://www.suse.com/security/cve/CVE-2020-9430", }, { category: "external", summary: "SUSE Bug 1165241 for CVE-2020-9430", url: "https://bugzilla.suse.com/1165241", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-9430", }, { cve: "CVE-2020-9431", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-9431", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-9431", url: "https://www.suse.com/security/cve/CVE-2020-9431", }, { category: "external", summary: "SUSE Bug 1165241 for CVE-2020-9431", url: "https://bugzilla.suse.com/1165241", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-9431", }, { cve: "CVE-2021-22173", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22173", }, ], notes: [ { category: "general", text: "Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22173", url: "https://www.suse.com/security/cve/CVE-2021-22173", }, { category: "external", summary: "SUSE Bug 1181598 for CVE-2021-22173", url: "https://bugzilla.suse.com/1181598", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22173", }, { cve: "CVE-2021-22174", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22174", }, ], notes: [ { category: "general", text: "Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22174", url: "https://www.suse.com/security/cve/CVE-2021-22174", }, { category: "external", summary: "SUSE Bug 1181599 for CVE-2021-22174", url: "https://bugzilla.suse.com/1181599", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22174", }, { cve: "CVE-2021-22191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22191", }, ], notes: [ { category: "general", text: "Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22191", url: "https://www.suse.com/security/cve/CVE-2021-22191", }, { category: "external", summary: "SUSE Bug 1183353 for CVE-2021-22191", url: "https://bugzilla.suse.com/1183353", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-22191", }, { cve: "CVE-2021-22207", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22207", }, ], notes: [ { category: "general", text: "Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22207", url: "https://www.suse.com/security/cve/CVE-2021-22207", }, { category: "external", summary: "SUSE Bug 1185128 for CVE-2021-22207", url: "https://bugzilla.suse.com/1185128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22207", }, { cve: "CVE-2021-22235", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22235", }, ], notes: [ { category: "general", text: "Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22235", url: "https://www.suse.com/security/cve/CVE-2021-22235", }, { category: "external", summary: "SUSE Bug 1188375 for CVE-2021-22235", url: "https://bugzilla.suse.com/1188375", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22235", }, ], }
opensuse-su-2020:1878-1
Vulnerability from csaf_opensuse
Published
2020-11-08 19:24
Modified
2020-11-08 19:24
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark fixes the following issues:
- Update to wireshark 3.2.7:
* CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)
* CVE-2020-25862: TCP dissector crash (bsc#1176909)
* CVE-2020-25866: BLIP dissector crash (bsc#1176910)
* CVE-2020-17498: Kafka dissector crash (bsc#1175204)
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-1878
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "This update for wireshark fixes the following issues:\n\n- Update to wireshark 3.2.7:\n * CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)\n * CVE-2020-25862: TCP dissector crash (bsc#1176909)\n * CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n * CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-1878", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1878-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:1878-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4FXI56R5FRB3HAJ7KVJHFSZVF3FCUZCP/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:1878-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4FXI56R5FRB3HAJ7KVJHFSZVF3FCUZCP/", }, { category: "self", summary: "SUSE Bug 1175204", url: "https://bugzilla.suse.com/1175204", }, { category: "self", summary: "SUSE Bug 1176908", url: "https://bugzilla.suse.com/1176908", }, { category: "self", summary: "SUSE Bug 1176909", url: "https://bugzilla.suse.com/1176909", }, { category: "self", summary: "SUSE Bug 1176910", url: "https://bugzilla.suse.com/1176910", }, { category: "self", summary: "SUSE CVE CVE-2020-17498 page", url: "https://www.suse.com/security/cve/CVE-2020-17498/", }, { category: "self", summary: "SUSE CVE CVE-2020-25862 page", url: "https://www.suse.com/security/cve/CVE-2020-25862/", }, { category: "self", summary: "SUSE CVE CVE-2020-25863 page", url: "https://www.suse.com/security/cve/CVE-2020-25863/", }, { category: "self", summary: "SUSE CVE CVE-2020-25866 page", url: "https://www.suse.com/security/cve/CVE-2020-25866/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2020-11-08T19:24:25Z", generator: { date: "2020-11-08T19:24:25Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:1878-1", initial_release_date: "2020-11-08T19:24:25Z", revision_history: [ { date: "2020-11-08T19:24:25Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libwireshark13-3.2.7-lp151.2.15.1.x86_64", product: { name: "libwireshark13-3.2.7-lp151.2.15.1.x86_64", product_id: "libwireshark13-3.2.7-lp151.2.15.1.x86_64", }, }, { category: "product_version", name: "libwiretap10-3.2.7-lp151.2.15.1.x86_64", product: { name: "libwiretap10-3.2.7-lp151.2.15.1.x86_64", product_id: "libwiretap10-3.2.7-lp151.2.15.1.x86_64", }, }, { category: "product_version", name: "libwsutil11-3.2.7-lp151.2.15.1.x86_64", product: { name: "libwsutil11-3.2.7-lp151.2.15.1.x86_64", product_id: "libwsutil11-3.2.7-lp151.2.15.1.x86_64", }, }, { category: "product_version", name: "wireshark-3.2.7-lp151.2.15.1.x86_64", product: { name: "wireshark-3.2.7-lp151.2.15.1.x86_64", product_id: "wireshark-3.2.7-lp151.2.15.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-3.2.7-lp151.2.15.1.x86_64", product: { name: "wireshark-devel-3.2.7-lp151.2.15.1.x86_64", product_id: "wireshark-devel-3.2.7-lp151.2.15.1.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", product: { name: "wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", product_id: "wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-lp151.2.15.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", }, product_reference: "libwireshark13-3.2.7-lp151.2.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-lp151.2.15.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", }, product_reference: "libwiretap10-3.2.7-lp151.2.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-lp151.2.15.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", }, product_reference: "libwsutil11-3.2.7-lp151.2.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-lp151.2.15.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", }, product_reference: "wireshark-3.2.7-lp151.2.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-lp151.2.15.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", }, product_reference: "wireshark-devel-3.2.7-lp151.2.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", }, product_reference: "wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-17498", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17498", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17498", url: "https://www.suse.com/security/cve/CVE-2020-17498", }, { category: "external", summary: "SUSE Bug 1175204 for CVE-2020-17498", url: "https://bugzilla.suse.com/1175204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-08T19:24:25Z", details: "important", }, ], title: "CVE-2020-17498", }, { cve: "CVE-2020-25862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25862", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25862", url: "https://www.suse.com/security/cve/CVE-2020-25862", }, { category: "external", summary: "SUSE Bug 1176909 for CVE-2020-25862", url: "https://bugzilla.suse.com/1176909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-08T19:24:25Z", details: "moderate", }, ], title: "CVE-2020-25862", }, { cve: "CVE-2020-25863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25863", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25863", url: "https://www.suse.com/security/cve/CVE-2020-25863", }, { category: "external", summary: "SUSE Bug 1176908 for CVE-2020-25863", url: "https://bugzilla.suse.com/1176908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-08T19:24:25Z", details: "moderate", }, ], title: "CVE-2020-25863", }, { cve: "CVE-2020-25866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25866", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25866", url: "https://www.suse.com/security/cve/CVE-2020-25866", }, { category: "external", summary: "SUSE Bug 1176910 for CVE-2020-25866", url: "https://bugzilla.suse.com/1176910", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.1:libwireshark13-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.7-lp151.2.15.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.7-lp151.2.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-08T19:24:25Z", details: "moderate", }, ], title: "CVE-2020-25866", }, ], }
opensuse-su-2020:1882-1
Vulnerability from csaf_opensuse
Published
2020-11-09 13:25
Modified
2020-11-09 13:25
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark fixes the following issues:
- Update to wireshark 3.2.7:
* CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)
* CVE-2020-25862: TCP dissector crash (bsc#1176909)
* CVE-2020-25866: BLIP dissector crash (bsc#1176910)
* CVE-2020-17498: Kafka dissector crash (bsc#1175204)
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-1882
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "This update for wireshark fixes the following issues:\n\n- Update to wireshark 3.2.7:\n * CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)\n * CVE-2020-25862: TCP dissector crash (bsc#1176909)\n * CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n * CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-1882", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1882-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:1882-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DHPCK4MWAVMVJ2UDLVVVY3RLYSSO3M7U/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:1882-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DHPCK4MWAVMVJ2UDLVVVY3RLYSSO3M7U/", }, { category: "self", summary: "SUSE Bug 1175204", url: "https://bugzilla.suse.com/1175204", }, { category: "self", summary: "SUSE Bug 1176908", url: "https://bugzilla.suse.com/1176908", }, { category: "self", summary: "SUSE Bug 1176909", url: "https://bugzilla.suse.com/1176909", }, { category: "self", summary: "SUSE Bug 1176910", url: "https://bugzilla.suse.com/1176910", }, { category: "self", summary: "SUSE CVE CVE-2020-17498 page", url: "https://www.suse.com/security/cve/CVE-2020-17498/", }, { category: "self", summary: "SUSE CVE CVE-2020-25862 page", url: "https://www.suse.com/security/cve/CVE-2020-25862/", }, { category: "self", summary: "SUSE CVE CVE-2020-25863 page", url: "https://www.suse.com/security/cve/CVE-2020-25863/", }, { category: "self", summary: "SUSE CVE CVE-2020-25866 page", url: "https://www.suse.com/security/cve/CVE-2020-25866/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2020-11-09T13:25:40Z", generator: { date: "2020-11-09T13:25:40Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:1882-1", initial_release_date: "2020-11-09T13:25:40Z", revision_history: [ { date: "2020-11-09T13:25:40Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libwireshark13-3.2.7-lp152.2.6.1.i586", product: { name: "libwireshark13-3.2.7-lp152.2.6.1.i586", product_id: "libwireshark13-3.2.7-lp152.2.6.1.i586", }, }, { category: "product_version", name: "libwiretap10-3.2.7-lp152.2.6.1.i586", product: { name: "libwiretap10-3.2.7-lp152.2.6.1.i586", product_id: "libwiretap10-3.2.7-lp152.2.6.1.i586", }, }, { category: "product_version", name: "libwsutil11-3.2.7-lp152.2.6.1.i586", product: { name: "libwsutil11-3.2.7-lp152.2.6.1.i586", product_id: "libwsutil11-3.2.7-lp152.2.6.1.i586", }, }, { category: "product_version", name: "wireshark-3.2.7-lp152.2.6.1.i586", product: { name: "wireshark-3.2.7-lp152.2.6.1.i586", product_id: "wireshark-3.2.7-lp152.2.6.1.i586", }, }, { category: "product_version", name: "wireshark-devel-3.2.7-lp152.2.6.1.i586", product: { name: "wireshark-devel-3.2.7-lp152.2.6.1.i586", product_id: "wireshark-devel-3.2.7-lp152.2.6.1.i586", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", product: { name: "wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", product_id: "wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.7-lp152.2.6.1.x86_64", product: { name: "libwireshark13-3.2.7-lp152.2.6.1.x86_64", product_id: "libwireshark13-3.2.7-lp152.2.6.1.x86_64", }, }, { category: "product_version", name: "libwiretap10-3.2.7-lp152.2.6.1.x86_64", product: { name: "libwiretap10-3.2.7-lp152.2.6.1.x86_64", product_id: "libwiretap10-3.2.7-lp152.2.6.1.x86_64", }, }, { category: "product_version", name: "libwsutil11-3.2.7-lp152.2.6.1.x86_64", product: { name: "libwsutil11-3.2.7-lp152.2.6.1.x86_64", product_id: "libwsutil11-3.2.7-lp152.2.6.1.x86_64", }, }, { category: "product_version", name: "wireshark-3.2.7-lp152.2.6.1.x86_64", product: { name: "wireshark-3.2.7-lp152.2.6.1.x86_64", product_id: "wireshark-3.2.7-lp152.2.6.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-3.2.7-lp152.2.6.1.x86_64", product: { name: "wireshark-devel-3.2.7-lp152.2.6.1.x86_64", product_id: "wireshark-devel-3.2.7-lp152.2.6.1.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", product: { name: "wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", product_id: "wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.2", product: { name: "openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-lp152.2.6.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", }, product_reference: "libwireshark13-3.2.7-lp152.2.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-lp152.2.6.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", }, product_reference: "libwireshark13-3.2.7-lp152.2.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-lp152.2.6.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", }, product_reference: "libwiretap10-3.2.7-lp152.2.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-lp152.2.6.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", }, product_reference: "libwiretap10-3.2.7-lp152.2.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-lp152.2.6.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", }, product_reference: "libwsutil11-3.2.7-lp152.2.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-lp152.2.6.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", }, product_reference: "libwsutil11-3.2.7-lp152.2.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-lp152.2.6.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", }, product_reference: "wireshark-3.2.7-lp152.2.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-lp152.2.6.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", }, product_reference: "wireshark-3.2.7-lp152.2.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-lp152.2.6.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", }, product_reference: "wireshark-devel-3.2.7-lp152.2.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-lp152.2.6.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", }, product_reference: "wireshark-devel-3.2.7-lp152.2.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-lp152.2.6.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", }, product_reference: "wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", }, product_reference: "wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-17498", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17498", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17498", url: "https://www.suse.com/security/cve/CVE-2020-17498", }, { category: "external", summary: "SUSE Bug 1175204 for CVE-2020-17498", url: "https://bugzilla.suse.com/1175204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-09T13:25:40Z", details: "important", }, ], title: "CVE-2020-17498", }, { cve: "CVE-2020-25862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25862", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25862", url: "https://www.suse.com/security/cve/CVE-2020-25862", }, { category: "external", summary: "SUSE Bug 1176909 for CVE-2020-25862", url: "https://bugzilla.suse.com/1176909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-09T13:25:40Z", details: "moderate", }, ], title: "CVE-2020-25862", }, { cve: "CVE-2020-25863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25863", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25863", url: "https://www.suse.com/security/cve/CVE-2020-25863", }, { category: "external", summary: "SUSE Bug 1176908 for CVE-2020-25863", url: "https://bugzilla.suse.com/1176908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-09T13:25:40Z", details: "moderate", }, ], title: "CVE-2020-25863", }, { cve: "CVE-2020-25866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25866", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25866", url: "https://www.suse.com/security/cve/CVE-2020-25866", }, { category: "external", summary: "SUSE Bug 1176910 for CVE-2020-25866", url: "https://bugzilla.suse.com/1176910", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.7-lp152.2.6.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.7-lp152.2.6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-09T13:25:40Z", details: "moderate", }, ], title: "CVE-2020-25866", }, ], }
suse-su-2020:3166-1
Vulnerability from csaf_suse
Published
2020-11-05 09:38
Modified
2020-11-05 09:38
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark fixes the following issues:
- Update to wireshark 3.2.7:
* CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)
* CVE-2020-25862: TCP dissector crash (bsc#1176909)
* CVE-2020-25866: BLIP dissector crash (bsc#1176910)
* CVE-2020-17498: Kafka dissector crash (bsc#1175204)
Patchnames
SUSE-2020-3166,SUSE-SLE-Module-Basesystem-15-SP1-2020-3166,SUSE-SLE-Module-Basesystem-15-SP2-2020-3166,SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-3166,SUSE-SLE-Module-Desktop-Applications-15-SP2-2020-3166
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "This update for wireshark fixes the following issues:\n\n- Update to wireshark 3.2.7:\n * CVE-2020-25863: MIME Multipart dissector crash (bsc#1176908)\n * CVE-2020-25862: TCP dissector crash (bsc#1176909)\n * CVE-2020-25866: BLIP dissector crash (bsc#1176910)\n * CVE-2020-17498: Kafka dissector crash (bsc#1175204)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3166,SUSE-SLE-Module-Basesystem-15-SP1-2020-3166,SUSE-SLE-Module-Basesystem-15-SP2-2020-3166,SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-3166,SUSE-SLE-Module-Desktop-Applications-15-SP2-2020-3166", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3166-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3166-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203166-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3166-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007700.html", }, { category: "self", summary: "SUSE Bug 1175204", url: "https://bugzilla.suse.com/1175204", }, { category: "self", summary: "SUSE Bug 1176908", url: "https://bugzilla.suse.com/1176908", }, { category: "self", summary: "SUSE Bug 1176909", url: "https://bugzilla.suse.com/1176909", }, { category: "self", summary: "SUSE Bug 1176910", url: "https://bugzilla.suse.com/1176910", }, { category: "self", summary: "SUSE CVE CVE-2020-17498 page", url: "https://www.suse.com/security/cve/CVE-2020-17498/", }, { category: "self", summary: "SUSE CVE CVE-2020-25862 page", url: "https://www.suse.com/security/cve/CVE-2020-25862/", }, { category: "self", summary: "SUSE CVE CVE-2020-25863 page", url: "https://www.suse.com/security/cve/CVE-2020-25863/", }, { category: "self", summary: "SUSE CVE CVE-2020-25866 page", url: "https://www.suse.com/security/cve/CVE-2020-25866/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2020-11-05T09:38:03Z", generator: { date: "2020-11-05T09:38:03Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3166-1", initial_release_date: "2020-11-05T09:38:03Z", revision_history: [ { date: "2020-11-05T09:38:03Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libwireshark13-3.2.7-3.41.1.aarch64", product: { name: "libwireshark13-3.2.7-3.41.1.aarch64", product_id: "libwireshark13-3.2.7-3.41.1.aarch64", }, }, { category: "product_version", name: "libwiretap10-3.2.7-3.41.1.aarch64", product: { name: "libwiretap10-3.2.7-3.41.1.aarch64", product_id: "libwiretap10-3.2.7-3.41.1.aarch64", }, }, { category: "product_version", name: "libwsutil11-3.2.7-3.41.1.aarch64", product: { name: "libwsutil11-3.2.7-3.41.1.aarch64", product_id: "libwsutil11-3.2.7-3.41.1.aarch64", }, }, { category: "product_version", name: "wireshark-3.2.7-3.41.1.aarch64", product: { name: "wireshark-3.2.7-3.41.1.aarch64", product_id: "wireshark-3.2.7-3.41.1.aarch64", }, }, { category: "product_version", name: "wireshark-devel-3.2.7-3.41.1.aarch64", product: { name: "wireshark-devel-3.2.7-3.41.1.aarch64", product_id: "wireshark-devel-3.2.7-3.41.1.aarch64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.7-3.41.1.aarch64", product: { name: "wireshark-ui-qt-3.2.7-3.41.1.aarch64", product_id: "wireshark-ui-qt-3.2.7-3.41.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.7-3.41.1.i586", product: { name: "libwireshark13-3.2.7-3.41.1.i586", product_id: "libwireshark13-3.2.7-3.41.1.i586", }, }, { category: "product_version", name: "libwiretap10-3.2.7-3.41.1.i586", product: { name: "libwiretap10-3.2.7-3.41.1.i586", product_id: "libwiretap10-3.2.7-3.41.1.i586", }, }, { category: "product_version", name: "libwsutil11-3.2.7-3.41.1.i586", product: { name: "libwsutil11-3.2.7-3.41.1.i586", product_id: "libwsutil11-3.2.7-3.41.1.i586", }, }, { category: "product_version", name: "wireshark-3.2.7-3.41.1.i586", product: { name: "wireshark-3.2.7-3.41.1.i586", product_id: "wireshark-3.2.7-3.41.1.i586", }, }, { category: "product_version", name: "wireshark-devel-3.2.7-3.41.1.i586", product: { name: "wireshark-devel-3.2.7-3.41.1.i586", product_id: "wireshark-devel-3.2.7-3.41.1.i586", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.7-3.41.1.i586", product: { name: "wireshark-ui-qt-3.2.7-3.41.1.i586", product_id: "wireshark-ui-qt-3.2.7-3.41.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.7-3.41.1.ppc64le", product: { name: "libwireshark13-3.2.7-3.41.1.ppc64le", product_id: "libwireshark13-3.2.7-3.41.1.ppc64le", }, }, { category: "product_version", name: "libwiretap10-3.2.7-3.41.1.ppc64le", product: { name: "libwiretap10-3.2.7-3.41.1.ppc64le", product_id: "libwiretap10-3.2.7-3.41.1.ppc64le", }, }, { category: "product_version", name: "libwsutil11-3.2.7-3.41.1.ppc64le", product: { name: "libwsutil11-3.2.7-3.41.1.ppc64le", product_id: "libwsutil11-3.2.7-3.41.1.ppc64le", }, }, { category: "product_version", name: "wireshark-3.2.7-3.41.1.ppc64le", product: { name: "wireshark-3.2.7-3.41.1.ppc64le", product_id: "wireshark-3.2.7-3.41.1.ppc64le", }, }, { category: "product_version", name: "wireshark-devel-3.2.7-3.41.1.ppc64le", product: { name: "wireshark-devel-3.2.7-3.41.1.ppc64le", product_id: "wireshark-devel-3.2.7-3.41.1.ppc64le", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.7-3.41.1.ppc64le", product: { name: "wireshark-ui-qt-3.2.7-3.41.1.ppc64le", product_id: "wireshark-ui-qt-3.2.7-3.41.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.7-3.41.1.s390x", product: { name: "libwireshark13-3.2.7-3.41.1.s390x", product_id: "libwireshark13-3.2.7-3.41.1.s390x", }, }, { category: "product_version", name: "libwiretap10-3.2.7-3.41.1.s390x", product: { name: "libwiretap10-3.2.7-3.41.1.s390x", product_id: "libwiretap10-3.2.7-3.41.1.s390x", }, }, { category: "product_version", name: "libwsutil11-3.2.7-3.41.1.s390x", product: { name: "libwsutil11-3.2.7-3.41.1.s390x", product_id: "libwsutil11-3.2.7-3.41.1.s390x", }, }, { category: "product_version", name: "wireshark-3.2.7-3.41.1.s390x", product: { name: "wireshark-3.2.7-3.41.1.s390x", product_id: "wireshark-3.2.7-3.41.1.s390x", }, }, { category: "product_version", name: "wireshark-devel-3.2.7-3.41.1.s390x", product: { name: "wireshark-devel-3.2.7-3.41.1.s390x", product_id: "wireshark-devel-3.2.7-3.41.1.s390x", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.7-3.41.1.s390x", product: { name: "wireshark-ui-qt-3.2.7-3.41.1.s390x", product_id: "wireshark-ui-qt-3.2.7-3.41.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.7-3.41.1.x86_64", product: { name: "libwireshark13-3.2.7-3.41.1.x86_64", product_id: "libwireshark13-3.2.7-3.41.1.x86_64", }, }, { category: "product_version", name: "libwiretap10-3.2.7-3.41.1.x86_64", product: { name: "libwiretap10-3.2.7-3.41.1.x86_64", product_id: "libwiretap10-3.2.7-3.41.1.x86_64", }, }, { category: "product_version", name: "libwsutil11-3.2.7-3.41.1.x86_64", product: { name: "libwsutil11-3.2.7-3.41.1.x86_64", product_id: "libwsutil11-3.2.7-3.41.1.x86_64", }, }, { category: "product_version", name: "wireshark-3.2.7-3.41.1.x86_64", product: { name: "wireshark-3.2.7-3.41.1.x86_64", product_id: "wireshark-3.2.7-3.41.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-3.2.7-3.41.1.x86_64", product: { name: "wireshark-devel-3.2.7-3.41.1.x86_64", product_id: "wireshark-devel-3.2.7-3.41.1.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.7-3.41.1.x86_64", product: { name: "wireshark-ui-qt-3.2.7-3.41.1.x86_64", product_id: "wireshark-ui-qt-3.2.7-3.41.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product: { name: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-desktop-applications:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product: { name: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-desktop-applications:15:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", }, product_reference: "libwireshark13-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", }, product_reference: "libwireshark13-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", }, product_reference: "libwireshark13-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", }, product_reference: "libwireshark13-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", }, product_reference: "libwiretap10-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", }, product_reference: "libwiretap10-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", }, product_reference: "libwiretap10-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", }, product_reference: "libwiretap10-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", }, product_reference: "libwsutil11-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", }, product_reference: "libwsutil11-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", }, product_reference: "libwsutil11-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", }, product_reference: "libwsutil11-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", }, product_reference: "wireshark-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", }, product_reference: "wireshark-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", }, product_reference: "wireshark-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", }, product_reference: "wireshark-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", }, product_reference: "libwireshark13-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", }, product_reference: "libwireshark13-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", }, product_reference: "libwireshark13-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", }, product_reference: "libwireshark13-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", }, product_reference: "libwiretap10-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", }, product_reference: "libwiretap10-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", }, product_reference: "libwiretap10-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", }, product_reference: "libwiretap10-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", }, product_reference: "libwsutil11-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", }, product_reference: "libwsutil11-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", }, product_reference: "libwsutil11-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", }, product_reference: "libwsutil11-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", }, product_reference: "wireshark-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", }, product_reference: "wireshark-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", }, product_reference: "wireshark-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", }, product_reference: "wireshark-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", }, product_reference: "wireshark-devel-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", }, product_reference: "wireshark-devel-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", }, product_reference: "wireshark-devel-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", }, product_reference: "wireshark-devel-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", }, product_reference: "wireshark-ui-qt-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", }, product_reference: "wireshark-ui-qt-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", }, product_reference: "wireshark-ui-qt-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", }, product_reference: "wireshark-ui-qt-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", }, product_reference: "wireshark-devel-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", }, product_reference: "wireshark-devel-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", }, product_reference: "wireshark-devel-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", }, product_reference: "wireshark-devel-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-3.41.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", }, product_reference: "wireshark-ui-qt-3.2.7-3.41.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-3.41.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", }, product_reference: "wireshark-ui-qt-3.2.7-3.41.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-3.41.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", }, product_reference: "wireshark-ui-qt-3.2.7-3.41.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.7-3.41.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", }, product_reference: "wireshark-ui-qt-3.2.7-3.41.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-17498", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17498", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17498", url: "https://www.suse.com/security/cve/CVE-2020-17498", }, { category: "external", summary: "SUSE Bug 1175204 for CVE-2020-17498", url: "https://bugzilla.suse.com/1175204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:38:03Z", details: "important", }, ], title: "CVE-2020-17498", }, { cve: "CVE-2020-25862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25862", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25862", url: "https://www.suse.com/security/cve/CVE-2020-25862", }, { category: "external", summary: "SUSE Bug 1176909 for CVE-2020-25862", url: "https://bugzilla.suse.com/1176909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:38:03Z", details: "moderate", }, ], title: "CVE-2020-25862", }, { cve: "CVE-2020-25863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25863", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25863", url: "https://www.suse.com/security/cve/CVE-2020-25863", }, { category: "external", summary: "SUSE Bug 1176908 for CVE-2020-25863", url: "https://bugzilla.suse.com/1176908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:38:03Z", details: "moderate", }, ], title: "CVE-2020-25863", }, { cve: "CVE-2020-25866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25866", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25866", url: "https://www.suse.com/security/cve/CVE-2020-25866", }, { category: "external", summary: "SUSE Bug 1176910 for CVE-2020-25866", url: "https://bugzilla.suse.com/1176910", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.7-3.41.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.7-3.41.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T09:38:03Z", details: "moderate", }, ], title: "CVE-2020-25866", }, ], }
fkie_cve-2020-25866
Vulnerability from fkie_nvd
Published
2020-10-06 15:15
Modified
2024-11-21 05:18
Severity ?
Summary
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wireshark | wireshark | * | |
| wireshark | wireshark | * | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| opensuse | leap | 15.1 | |
| opensuse | leap | 15.2 | |
| oracle | zfs_storage_appliance_kit | 8.8 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", matchCriteriaId: "5E678E30-FA30-4FEB-9D9E-60E978996580", versionEndIncluding: "3.0.13", versionStartIncluding: "3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", matchCriteriaId: "87F3630C-7EC8-4B57-B6A5-13789A54468A", versionEndIncluding: "3.2.6", versionStartIncluding: "3.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", matchCriteriaId: "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", }, { lang: "es", value: "En Wireshark versiones 3.2.0 hasta 3.2.6 y versiones 3.0.0 hasta 3.0.13, el disector del protocolo BLIP presenta una desreferencia del puntero NULL porque un búfer fue dimensionado para mensajes comprimidos (no sin comprimir). Esto fue abordado en el archivo epan/disactors/packet-blip.c permitiendo relaciones de compresión razonables y rechazando las bombas ZIP", }, ], id: "CVE-2020-25866", lastModified: "2024-11-21T05:18:56.190", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-06T15:15:15.413", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16866", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16866", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-j5p6-gc45-8fh8
Vulnerability from github
Published
2022-05-24 17:30
Modified
2022-10-07 18:15
Severity ?
Details
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
{ affected: [], aliases: [ "CVE-2020-25866", ], database_specific: { cwe_ids: [ "CWE-476", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2020-10-06T15:15:00Z", severity: "HIGH", }, details: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", id: "GHSA-j5p6-gc45-8fh8", modified: "2022-10-07T18:15:45Z", published: "2022-05-24T17:30:11Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25866", }, { type: "WEB", url: "https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f", }, { type: "WEB", url: "https://gitlab.com/wireshark/wireshark/-/issues/16866", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZUHMK5HYTUUDXA64T2TAMAFMYV674QBW", }, { type: "WEB", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { type: "WEB", url: "https://www.wireshark.org/security/wnpa-sec-2020-13.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.