Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-26575
Vulnerability from cvelistv5
Published
2020-10-06 14:57
Modified
2024-08-04 15:56
Severity ?
EPSS score ?
Summary
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T15:56:04.593Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16887", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", }, { name: "GLSA-202011-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202011-08", }, { name: "FEDORA-2020-4cff262f07", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/", }, { name: "FEDORA-2020-d4344dd12f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", }, { name: "[debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-06T22:06:41", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16887", }, { tags: [ "x_refsource_MISC", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", }, { tags: [ "x_refsource_MISC", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", }, { tags: [ "x_refsource_MISC", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", }, { tags: [ "x_refsource_MISC", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", }, { tags: [ "x_refsource_MISC", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", }, { name: "GLSA-202011-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202011-08", }, { name: "FEDORA-2020-4cff262f07", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/", }, { name: "FEDORA-2020-d4344dd12f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", }, { name: "[debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26575", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://gitlab.com/wireshark/wireshark/-/issues/16887", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/issues/16887", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", }, { name: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", }, { name: "GLSA-202011-08", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202011-08", }, { name: "FEDORA-2020-4cff262f07", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/", }, { name: "FEDORA-2020-d4344dd12f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", refsource: "CONFIRM", url: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", }, { name: "[debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-26575", datePublished: "2020-10-06T14:57:03", dateReserved: "2020-10-06T00:00:00", dateUpdated: "2024-08-04T15:56:04.593Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2020-26575\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-10-06T15:15:15.553\",\"lastModified\":\"2024-11-21T05:20:06.840\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.\"},{\"lang\":\"es\",\"value\":\"En Wireshark versiones hasta 3.2.7, el Facebook Zero Protocol (también se conoce como FBZERO), podría entrar en un bucle infinito. Esto fue abordado en el archivo epan/dissectors/packet-fbzero.c corrigiendo la implementación del avance de compensación\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.2.7\",\"matchCriteriaId\":\"E1F39650-692D-4C46-B8EE-562776D6FA83\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:zfs_storage_appliance_firmware:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DFA9ECF-AA1E-440C-A445-F2A21C94FCEA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:oracle:zfs_storage_appliance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79699341-FB18-4271-AA97-DAE164587E08\"}]}]}],\"references\":[{\"url\":\"https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/issues/16887\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/merge_requests/467\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/merge_requests/471\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/merge_requests/472\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/merge_requests/473\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202011-08\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.wireshark.org/security/wnpa-sec-2020-14.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/issues/16887\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/merge_requests/467\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/merge_requests/471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/merge_requests/472\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.com/wireshark/wireshark/-/merge_requests/473\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202011-08\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.wireshark.org/security/wnpa-sec-2020-14.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", }, }
ghsa-vw2j-3xrw-2q58
Vulnerability from github
Published
2022-05-24 17:30
Modified
2022-05-24 17:30
Details
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
{ affected: [], aliases: [ "CVE-2020-26575", ], database_specific: { cwe_ids: [ "CWE-835", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2020-10-06T15:15:00Z", severity: "HIGH", }, details: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", id: "GHSA-vw2j-3xrw-2q58", modified: "2022-05-24T17:30:12Z", published: "2022-05-24T17:30:12Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-26575", }, { type: "WEB", url: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", }, { type: "WEB", url: "https://gitlab.com/wireshark/wireshark/-/issues/16887", }, { type: "WEB", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", }, { type: "WEB", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", }, { type: "WEB", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", }, { type: "WEB", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3", }, { type: "WEB", url: "https://security.gentoo.org/glsa/202011-08", }, { type: "WEB", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { type: "WEB", url: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", }, ], schema_version: "1.4.0", severity: [], }
opensuse-su-2020:2107-1
Vulnerability from csaf_opensuse
Published
2020-11-29 11:30
Modified
2020-11-29 11:30
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark fixes the following issues:
- wireshark was updated to 3.2.8:
- CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)
- CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)
* Infinite memory allocation while parsing this tcp packet
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-2107
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "This update for wireshark fixes the following issues:\n\n- wireshark was updated to 3.2.8:\n - CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)\n - CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)\n * Infinite memory allocation while parsing this tcp packet\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-2107", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2107-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:2107-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7DRKIYJDZYHG7KXDJ3T5Y3UU4KEC2QGD/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:2107-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7DRKIYJDZYHG7KXDJ3T5Y3UU4KEC2QGD/", }, { category: "self", summary: "SUSE Bug 1177406", url: "https://bugzilla.suse.com/1177406", }, { category: "self", summary: "SUSE Bug 1178291", url: "https://bugzilla.suse.com/1178291", }, { category: "self", summary: "SUSE CVE CVE-2020-26575 page", url: "https://www.suse.com/security/cve/CVE-2020-26575/", }, { category: "self", summary: "SUSE CVE CVE-2020-28030 page", url: "https://www.suse.com/security/cve/CVE-2020-28030/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2020-11-29T11:30:29Z", generator: { date: "2020-11-29T11:30:29Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:2107-1", initial_release_date: "2020-11-29T11:30:29Z", revision_history: [ { date: "2020-11-29T11:30:29Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libwireshark13-3.2.8-lp151.2.18.1.x86_64", product: { name: "libwireshark13-3.2.8-lp151.2.18.1.x86_64", product_id: "libwireshark13-3.2.8-lp151.2.18.1.x86_64", }, }, { category: "product_version", name: "libwiretap10-3.2.8-lp151.2.18.1.x86_64", product: { name: "libwiretap10-3.2.8-lp151.2.18.1.x86_64", product_id: "libwiretap10-3.2.8-lp151.2.18.1.x86_64", }, }, { category: "product_version", name: "libwsutil11-3.2.8-lp151.2.18.1.x86_64", product: { name: "libwsutil11-3.2.8-lp151.2.18.1.x86_64", product_id: "libwsutil11-3.2.8-lp151.2.18.1.x86_64", }, }, { category: "product_version", name: "wireshark-3.2.8-lp151.2.18.1.x86_64", product: { name: "wireshark-3.2.8-lp151.2.18.1.x86_64", product_id: "wireshark-3.2.8-lp151.2.18.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-3.2.8-lp151.2.18.1.x86_64", product: { name: "wireshark-devel-3.2.8-lp151.2.18.1.x86_64", product_id: "wireshark-devel-3.2.8-lp151.2.18.1.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", product: { name: "wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", product_id: "wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-lp151.2.18.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:libwireshark13-3.2.8-lp151.2.18.1.x86_64", }, product_reference: "libwireshark13-3.2.8-lp151.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-lp151.2.18.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:libwiretap10-3.2.8-lp151.2.18.1.x86_64", }, product_reference: "libwiretap10-3.2.8-lp151.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-lp151.2.18.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:libwsutil11-3.2.8-lp151.2.18.1.x86_64", }, product_reference: "libwsutil11-3.2.8-lp151.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-lp151.2.18.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:wireshark-3.2.8-lp151.2.18.1.x86_64", }, product_reference: "wireshark-3.2.8-lp151.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-lp151.2.18.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:wireshark-devel-3.2.8-lp151.2.18.1.x86_64", }, product_reference: "wireshark-devel-3.2.8-lp151.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", }, product_reference: "wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-26575", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26575", }, ], notes: [ { category: "general", text: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:libwireshark13-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26575", url: "https://www.suse.com/security/cve/CVE-2020-26575", }, { category: "external", summary: "SUSE Bug 1177406 for CVE-2020-26575", url: "https://bugzilla.suse.com/1177406", }, { category: "external", summary: "SUSE Bug 1178290 for CVE-2020-26575", url: "https://bugzilla.suse.com/1178290", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:libwireshark13-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.1:libwireshark13-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-29T11:30:29Z", details: "moderate", }, ], title: "CVE-2020-26575", }, { cve: "CVE-2020-28030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-28030", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:libwireshark13-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-28030", url: "https://www.suse.com/security/cve/CVE-2020-28030", }, { category: "external", summary: "SUSE Bug 1178291 for CVE-2020-28030", url: "https://bugzilla.suse.com/1178291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:libwireshark13-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.1:libwireshark13-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwiretap10-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:libwsutil11-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-devel-3.2.8-lp151.2.18.1.x86_64", "openSUSE Leap 15.1:wireshark-ui-qt-3.2.8-lp151.2.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-29T11:30:29Z", details: "moderate", }, ], title: "CVE-2020-28030", }, ], }
opensuse-su-2024:11513-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libwireshark14-3.4.8-1.2 on GA media
Notes
Title of the patch
libwireshark14-3.4.8-1.2 on GA media
Description of the patch
These are all security issues fixed in the libwireshark14-3.4.8-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11513
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "libwireshark14-3.4.8-1.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the libwireshark14-3.4.8-1.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-11513", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11513-1.json", }, { category: "self", summary: "SUSE CVE CVE-2006-1932 page", url: "https://www.suse.com/security/cve/CVE-2006-1932/", }, { category: "self", summary: "SUSE CVE CVE-2006-4574 page", url: "https://www.suse.com/security/cve/CVE-2006-4574/", }, { category: "self", summary: "SUSE CVE CVE-2006-4805 page", url: "https://www.suse.com/security/cve/CVE-2006-4805/", }, { category: "self", summary: "SUSE CVE CVE-2006-5468 page", url: "https://www.suse.com/security/cve/CVE-2006-5468/", }, { category: "self", summary: "SUSE CVE CVE-2006-5469 page", url: "https://www.suse.com/security/cve/CVE-2006-5469/", }, { category: "self", summary: "SUSE CVE CVE-2006-5740 page", url: "https://www.suse.com/security/cve/CVE-2006-5740/", }, { category: "self", summary: "SUSE CVE CVE-2007-0456 page", url: "https://www.suse.com/security/cve/CVE-2007-0456/", }, { category: "self", summary: "SUSE CVE CVE-2007-0457 page", url: "https://www.suse.com/security/cve/CVE-2007-0457/", }, { category: "self", summary: "SUSE CVE CVE-2007-0458 page", url: "https://www.suse.com/security/cve/CVE-2007-0458/", }, { category: "self", summary: "SUSE CVE CVE-2007-0459 page", url: "https://www.suse.com/security/cve/CVE-2007-0459/", }, { category: "self", summary: "SUSE CVE CVE-2017-11406 page", url: "https://www.suse.com/security/cve/CVE-2017-11406/", }, { category: "self", summary: "SUSE CVE CVE-2017-11407 page", url: "https://www.suse.com/security/cve/CVE-2017-11407/", }, { category: "self", summary: "SUSE CVE CVE-2017-11408 page", url: "https://www.suse.com/security/cve/CVE-2017-11408/", }, { category: "self", summary: "SUSE CVE CVE-2017-13764 page", url: "https://www.suse.com/security/cve/CVE-2017-13764/", }, { category: "self", summary: "SUSE CVE CVE-2017-13765 page", url: "https://www.suse.com/security/cve/CVE-2017-13765/", }, { category: "self", summary: "SUSE CVE CVE-2017-13766 page", url: "https://www.suse.com/security/cve/CVE-2017-13766/", }, { category: "self", summary: "SUSE CVE CVE-2017-13767 page", url: "https://www.suse.com/security/cve/CVE-2017-13767/", }, { category: "self", summary: "SUSE CVE CVE-2017-15189 page", url: "https://www.suse.com/security/cve/CVE-2017-15189/", }, { category: "self", summary: "SUSE CVE CVE-2017-15190 page", url: "https://www.suse.com/security/cve/CVE-2017-15190/", }, { category: "self", summary: "SUSE CVE CVE-2017-15191 page", url: "https://www.suse.com/security/cve/CVE-2017-15191/", }, { category: "self", summary: "SUSE CVE CVE-2017-15192 page", url: "https://www.suse.com/security/cve/CVE-2017-15192/", }, { category: "self", summary: "SUSE CVE CVE-2017-15193 page", url: "https://www.suse.com/security/cve/CVE-2017-15193/", }, { category: "self", summary: "SUSE CVE CVE-2017-17083 page", url: "https://www.suse.com/security/cve/CVE-2017-17083/", }, { category: "self", summary: "SUSE CVE CVE-2017-17084 page", url: "https://www.suse.com/security/cve/CVE-2017-17084/", }, { category: "self", summary: "SUSE CVE CVE-2017-17085 page", url: "https://www.suse.com/security/cve/CVE-2017-17085/", }, { category: "self", summary: "SUSE CVE CVE-2017-5596 page", url: "https://www.suse.com/security/cve/CVE-2017-5596/", }, { category: "self", summary: "SUSE CVE CVE-2017-5597 page", url: "https://www.suse.com/security/cve/CVE-2017-5597/", }, { category: "self", summary: "SUSE CVE CVE-2017-5753 page", url: "https://www.suse.com/security/cve/CVE-2017-5753/", }, { category: "self", summary: "SUSE CVE CVE-2017-6467 page", url: "https://www.suse.com/security/cve/CVE-2017-6467/", }, { category: "self", summary: "SUSE CVE CVE-2017-6468 page", url: "https://www.suse.com/security/cve/CVE-2017-6468/", }, { category: "self", summary: "SUSE CVE CVE-2017-6469 page", url: "https://www.suse.com/security/cve/CVE-2017-6469/", }, { category: "self", summary: "SUSE CVE CVE-2017-6470 page", url: "https://www.suse.com/security/cve/CVE-2017-6470/", }, { category: "self", summary: "SUSE CVE CVE-2017-6471 page", url: "https://www.suse.com/security/cve/CVE-2017-6471/", }, { category: "self", summary: "SUSE CVE CVE-2017-6472 page", url: "https://www.suse.com/security/cve/CVE-2017-6472/", }, { category: "self", summary: "SUSE CVE CVE-2017-6473 page", url: "https://www.suse.com/security/cve/CVE-2017-6473/", }, { category: "self", summary: "SUSE CVE CVE-2017-6474 page", url: "https://www.suse.com/security/cve/CVE-2017-6474/", }, { category: "self", summary: "SUSE CVE CVE-2017-7700 page", url: "https://www.suse.com/security/cve/CVE-2017-7700/", }, { category: "self", summary: "SUSE CVE CVE-2017-7701 page", url: "https://www.suse.com/security/cve/CVE-2017-7701/", }, { category: "self", summary: "SUSE CVE CVE-2017-7702 page", url: "https://www.suse.com/security/cve/CVE-2017-7702/", }, { category: "self", summary: "SUSE CVE CVE-2017-7703 page", url: "https://www.suse.com/security/cve/CVE-2017-7703/", }, { category: "self", summary: "SUSE CVE CVE-2017-7704 page", url: "https://www.suse.com/security/cve/CVE-2017-7704/", }, { category: "self", summary: "SUSE CVE CVE-2017-7705 page", url: "https://www.suse.com/security/cve/CVE-2017-7705/", }, { category: "self", summary: "SUSE CVE CVE-2017-7745 page", url: "https://www.suse.com/security/cve/CVE-2017-7745/", }, { category: "self", summary: "SUSE CVE CVE-2017-7746 page", url: "https://www.suse.com/security/cve/CVE-2017-7746/", }, { category: "self", summary: "SUSE CVE CVE-2017-7747 page", url: "https://www.suse.com/security/cve/CVE-2017-7747/", }, { category: "self", summary: "SUSE CVE CVE-2017-7748 page", url: "https://www.suse.com/security/cve/CVE-2017-7748/", }, { category: "self", summary: "SUSE CVE CVE-2017-9343 page", url: "https://www.suse.com/security/cve/CVE-2017-9343/", }, { category: "self", summary: "SUSE CVE CVE-2017-9344 page", url: "https://www.suse.com/security/cve/CVE-2017-9344/", }, { category: "self", summary: "SUSE CVE CVE-2017-9345 page", url: "https://www.suse.com/security/cve/CVE-2017-9345/", }, { category: "self", summary: "SUSE CVE CVE-2017-9346 page", url: "https://www.suse.com/security/cve/CVE-2017-9346/", }, { category: "self", summary: "SUSE CVE CVE-2017-9347 page", url: "https://www.suse.com/security/cve/CVE-2017-9347/", }, { category: "self", summary: "SUSE CVE CVE-2017-9348 page", url: "https://www.suse.com/security/cve/CVE-2017-9348/", }, { category: "self", summary: "SUSE CVE CVE-2017-9349 page", url: "https://www.suse.com/security/cve/CVE-2017-9349/", }, { category: "self", summary: "SUSE CVE CVE-2017-9350 page", url: "https://www.suse.com/security/cve/CVE-2017-9350/", }, { category: "self", summary: "SUSE CVE CVE-2017-9351 page", url: "https://www.suse.com/security/cve/CVE-2017-9351/", }, { category: "self", summary: "SUSE CVE CVE-2017-9352 page", url: "https://www.suse.com/security/cve/CVE-2017-9352/", }, { category: "self", summary: "SUSE CVE CVE-2017-9353 page", url: "https://www.suse.com/security/cve/CVE-2017-9353/", }, { category: "self", summary: "SUSE CVE CVE-2017-9354 page", url: "https://www.suse.com/security/cve/CVE-2017-9354/", }, { category: "self", summary: "SUSE CVE CVE-2018-11354 page", url: "https://www.suse.com/security/cve/CVE-2018-11354/", }, { category: "self", summary: "SUSE CVE CVE-2018-11355 page", url: "https://www.suse.com/security/cve/CVE-2018-11355/", }, { category: "self", summary: "SUSE CVE CVE-2018-11356 page", url: "https://www.suse.com/security/cve/CVE-2018-11356/", }, { category: "self", summary: "SUSE CVE CVE-2018-11357 page", url: "https://www.suse.com/security/cve/CVE-2018-11357/", }, { category: "self", summary: "SUSE CVE CVE-2018-11358 page", url: "https://www.suse.com/security/cve/CVE-2018-11358/", }, { category: "self", summary: "SUSE CVE CVE-2018-11359 page", url: "https://www.suse.com/security/cve/CVE-2018-11359/", }, { category: "self", summary: "SUSE CVE CVE-2018-11360 page", url: "https://www.suse.com/security/cve/CVE-2018-11360/", }, { category: "self", summary: "SUSE CVE CVE-2018-11361 page", url: "https://www.suse.com/security/cve/CVE-2018-11361/", }, { category: "self", summary: "SUSE CVE CVE-2018-11362 page", url: "https://www.suse.com/security/cve/CVE-2018-11362/", }, { category: "self", summary: "SUSE CVE CVE-2018-12086 page", url: "https://www.suse.com/security/cve/CVE-2018-12086/", }, { category: "self", summary: "SUSE CVE CVE-2018-14339 page", url: "https://www.suse.com/security/cve/CVE-2018-14339/", }, { category: "self", summary: "SUSE CVE CVE-2018-14340 page", url: "https://www.suse.com/security/cve/CVE-2018-14340/", }, { category: "self", summary: "SUSE CVE CVE-2018-14341 page", url: "https://www.suse.com/security/cve/CVE-2018-14341/", }, { category: "self", summary: "SUSE CVE CVE-2018-14342 page", url: "https://www.suse.com/security/cve/CVE-2018-14342/", }, { category: "self", summary: "SUSE CVE CVE-2018-14343 page", url: "https://www.suse.com/security/cve/CVE-2018-14343/", }, { category: "self", summary: "SUSE CVE CVE-2018-14344 page", url: "https://www.suse.com/security/cve/CVE-2018-14344/", }, { category: "self", summary: "SUSE CVE CVE-2018-14367 page", url: "https://www.suse.com/security/cve/CVE-2018-14367/", }, { category: "self", summary: "SUSE CVE CVE-2018-14368 page", url: "https://www.suse.com/security/cve/CVE-2018-14368/", }, { category: "self", summary: "SUSE CVE CVE-2018-14369 page", url: "https://www.suse.com/security/cve/CVE-2018-14369/", }, { category: "self", summary: "SUSE CVE CVE-2018-14370 page", url: "https://www.suse.com/security/cve/CVE-2018-14370/", }, { category: "self", summary: "SUSE CVE CVE-2018-16056 page", url: "https://www.suse.com/security/cve/CVE-2018-16056/", }, { category: "self", summary: "SUSE CVE CVE-2018-16057 page", url: "https://www.suse.com/security/cve/CVE-2018-16057/", }, { category: "self", summary: "SUSE CVE CVE-2018-16058 page", url: "https://www.suse.com/security/cve/CVE-2018-16058/", }, { category: "self", summary: "SUSE CVE CVE-2018-18225 page", url: "https://www.suse.com/security/cve/CVE-2018-18225/", }, { category: "self", summary: "SUSE CVE CVE-2018-18226 page", url: "https://www.suse.com/security/cve/CVE-2018-18226/", }, { category: "self", summary: "SUSE CVE CVE-2018-18227 page", url: "https://www.suse.com/security/cve/CVE-2018-18227/", }, { category: "self", summary: "SUSE CVE CVE-2018-19622 page", url: "https://www.suse.com/security/cve/CVE-2018-19622/", }, { category: "self", summary: "SUSE CVE CVE-2018-19623 page", url: "https://www.suse.com/security/cve/CVE-2018-19623/", }, { category: "self", summary: "SUSE CVE CVE-2018-19624 page", url: "https://www.suse.com/security/cve/CVE-2018-19624/", }, { category: "self", summary: "SUSE CVE CVE-2018-19625 page", url: "https://www.suse.com/security/cve/CVE-2018-19625/", }, { category: "self", summary: "SUSE CVE CVE-2018-19626 page", url: "https://www.suse.com/security/cve/CVE-2018-19626/", }, { category: "self", summary: "SUSE CVE CVE-2018-19627 page", url: "https://www.suse.com/security/cve/CVE-2018-19627/", }, { category: "self", summary: "SUSE CVE CVE-2018-19628 page", url: "https://www.suse.com/security/cve/CVE-2018-19628/", }, { category: "self", summary: "SUSE CVE CVE-2018-5334 page", url: "https://www.suse.com/security/cve/CVE-2018-5334/", }, { category: "self", summary: "SUSE CVE CVE-2018-5335 page", url: "https://www.suse.com/security/cve/CVE-2018-5335/", }, { category: "self", summary: "SUSE CVE CVE-2018-5336 page", url: "https://www.suse.com/security/cve/CVE-2018-5336/", }, { category: "self", summary: "SUSE CVE CVE-2018-7320 page", url: "https://www.suse.com/security/cve/CVE-2018-7320/", }, { category: "self", summary: "SUSE CVE CVE-2018-7321 page", url: "https://www.suse.com/security/cve/CVE-2018-7321/", }, { category: "self", summary: "SUSE CVE CVE-2018-7325 page", url: "https://www.suse.com/security/cve/CVE-2018-7325/", }, { category: "self", summary: "SUSE CVE CVE-2018-7329 page", url: "https://www.suse.com/security/cve/CVE-2018-7329/", }, { category: "self", summary: "SUSE CVE CVE-2018-7333 page", url: "https://www.suse.com/security/cve/CVE-2018-7333/", }, { category: "self", summary: "SUSE CVE CVE-2018-7334 page", url: "https://www.suse.com/security/cve/CVE-2018-7334/", }, { category: "self", summary: "SUSE CVE CVE-2018-7335 page", url: "https://www.suse.com/security/cve/CVE-2018-7335/", }, { category: "self", summary: "SUSE CVE CVE-2018-7336 page", url: "https://www.suse.com/security/cve/CVE-2018-7336/", }, { category: "self", summary: "SUSE CVE CVE-2018-7337 page", url: "https://www.suse.com/security/cve/CVE-2018-7337/", }, { category: "self", summary: "SUSE CVE CVE-2018-7417 page", url: "https://www.suse.com/security/cve/CVE-2018-7417/", }, { category: "self", summary: "SUSE CVE CVE-2018-7418 page", url: "https://www.suse.com/security/cve/CVE-2018-7418/", }, { category: "self", summary: "SUSE CVE CVE-2018-7419 page", url: "https://www.suse.com/security/cve/CVE-2018-7419/", }, { category: "self", summary: "SUSE CVE CVE-2018-7420 page", url: "https://www.suse.com/security/cve/CVE-2018-7420/", }, { category: "self", summary: "SUSE CVE CVE-2018-9256 page", url: "https://www.suse.com/security/cve/CVE-2018-9256/", }, { category: "self", summary: "SUSE CVE CVE-2018-9257 page", url: "https://www.suse.com/security/cve/CVE-2018-9257/", }, { category: "self", summary: "SUSE CVE CVE-2018-9258 page", url: "https://www.suse.com/security/cve/CVE-2018-9258/", }, { category: "self", summary: "SUSE CVE CVE-2018-9260 page", url: "https://www.suse.com/security/cve/CVE-2018-9260/", }, { category: "self", summary: "SUSE CVE CVE-2018-9261 page", url: "https://www.suse.com/security/cve/CVE-2018-9261/", }, { category: "self", summary: "SUSE CVE CVE-2018-9262 page", url: "https://www.suse.com/security/cve/CVE-2018-9262/", }, { category: "self", summary: "SUSE CVE CVE-2018-9263 page", url: "https://www.suse.com/security/cve/CVE-2018-9263/", }, { category: "self", summary: "SUSE CVE CVE-2018-9264 page", url: "https://www.suse.com/security/cve/CVE-2018-9264/", }, { category: "self", summary: "SUSE CVE CVE-2018-9265 page", url: "https://www.suse.com/security/cve/CVE-2018-9265/", }, { category: "self", summary: "SUSE CVE CVE-2018-9269 page", url: "https://www.suse.com/security/cve/CVE-2018-9269/", }, { category: "self", summary: "SUSE CVE CVE-2018-9273 page", url: "https://www.suse.com/security/cve/CVE-2018-9273/", }, { category: "self", summary: "SUSE CVE CVE-2019-10894 page", url: "https://www.suse.com/security/cve/CVE-2019-10894/", }, { category: "self", summary: "SUSE CVE CVE-2019-10895 page", url: "https://www.suse.com/security/cve/CVE-2019-10895/", }, { category: "self", summary: "SUSE CVE CVE-2019-10896 page", url: "https://www.suse.com/security/cve/CVE-2019-10896/", }, { category: "self", summary: "SUSE CVE CVE-2019-10897 page", url: "https://www.suse.com/security/cve/CVE-2019-10897/", }, { category: "self", summary: "SUSE CVE CVE-2019-10898 page", url: "https://www.suse.com/security/cve/CVE-2019-10898/", }, { category: "self", summary: "SUSE CVE CVE-2019-10899 page", url: "https://www.suse.com/security/cve/CVE-2019-10899/", }, { category: "self", summary: "SUSE CVE CVE-2019-10900 page", url: "https://www.suse.com/security/cve/CVE-2019-10900/", }, { category: "self", summary: "SUSE CVE CVE-2019-10901 page", url: "https://www.suse.com/security/cve/CVE-2019-10901/", }, { category: "self", summary: "SUSE CVE CVE-2019-10902 page", url: "https://www.suse.com/security/cve/CVE-2019-10902/", }, { category: "self", summary: "SUSE CVE CVE-2019-10903 page", url: "https://www.suse.com/security/cve/CVE-2019-10903/", }, { category: "self", summary: "SUSE CVE CVE-2019-13619 page", url: "https://www.suse.com/security/cve/CVE-2019-13619/", }, { category: "self", summary: "SUSE CVE CVE-2019-16319 page", url: "https://www.suse.com/security/cve/CVE-2019-16319/", }, { category: "self", summary: "SUSE CVE CVE-2019-19553 page", url: "https://www.suse.com/security/cve/CVE-2019-19553/", }, { category: "self", summary: "SUSE CVE CVE-2019-5716 page", url: "https://www.suse.com/security/cve/CVE-2019-5716/", }, { category: "self", summary: "SUSE CVE CVE-2019-5717 page", url: "https://www.suse.com/security/cve/CVE-2019-5717/", }, { category: "self", summary: "SUSE CVE CVE-2019-5718 page", url: "https://www.suse.com/security/cve/CVE-2019-5718/", }, { category: "self", summary: "SUSE CVE CVE-2019-5719 page", url: "https://www.suse.com/security/cve/CVE-2019-5719/", }, { category: "self", summary: "SUSE CVE CVE-2019-5721 page", url: "https://www.suse.com/security/cve/CVE-2019-5721/", }, { category: "self", summary: "SUSE CVE CVE-2019-9208 page", url: "https://www.suse.com/security/cve/CVE-2019-9208/", }, { category: "self", summary: "SUSE CVE CVE-2019-9209 page", url: "https://www.suse.com/security/cve/CVE-2019-9209/", }, { category: "self", summary: "SUSE CVE CVE-2019-9214 page", url: "https://www.suse.com/security/cve/CVE-2019-9214/", }, { category: "self", summary: "SUSE CVE CVE-2020-11647 page", url: "https://www.suse.com/security/cve/CVE-2020-11647/", }, { category: "self", summary: "SUSE CVE CVE-2020-13164 page", url: "https://www.suse.com/security/cve/CVE-2020-13164/", }, { category: "self", summary: "SUSE CVE CVE-2020-15466 page", url: "https://www.suse.com/security/cve/CVE-2020-15466/", }, { category: "self", summary: "SUSE CVE CVE-2020-17498 page", url: "https://www.suse.com/security/cve/CVE-2020-17498/", }, { category: "self", summary: "SUSE CVE CVE-2020-25862 page", url: "https://www.suse.com/security/cve/CVE-2020-25862/", }, { category: "self", summary: "SUSE CVE CVE-2020-25863 page", url: "https://www.suse.com/security/cve/CVE-2020-25863/", }, { category: "self", summary: "SUSE CVE CVE-2020-25866 page", url: "https://www.suse.com/security/cve/CVE-2020-25866/", }, { category: "self", summary: "SUSE CVE CVE-2020-26418 page", url: "https://www.suse.com/security/cve/CVE-2020-26418/", }, { category: "self", summary: "SUSE CVE CVE-2020-26419 page", url: "https://www.suse.com/security/cve/CVE-2020-26419/", }, { category: "self", summary: "SUSE CVE CVE-2020-26420 page", url: "https://www.suse.com/security/cve/CVE-2020-26420/", }, { category: "self", summary: "SUSE CVE CVE-2020-26421 page", url: "https://www.suse.com/security/cve/CVE-2020-26421/", }, { category: "self", summary: "SUSE CVE CVE-2020-26422 page", url: "https://www.suse.com/security/cve/CVE-2020-26422/", }, { category: "self", summary: "SUSE CVE CVE-2020-26575 page", url: "https://www.suse.com/security/cve/CVE-2020-26575/", }, { category: "self", summary: "SUSE CVE CVE-2020-28030 page", url: "https://www.suse.com/security/cve/CVE-2020-28030/", }, { category: "self", summary: "SUSE CVE CVE-2020-7044 page", url: "https://www.suse.com/security/cve/CVE-2020-7044/", }, { category: "self", summary: "SUSE CVE CVE-2020-9428 page", url: "https://www.suse.com/security/cve/CVE-2020-9428/", }, { category: "self", summary: "SUSE CVE CVE-2020-9429 page", url: "https://www.suse.com/security/cve/CVE-2020-9429/", }, { category: "self", summary: "SUSE CVE CVE-2020-9430 page", url: "https://www.suse.com/security/cve/CVE-2020-9430/", }, { category: "self", summary: "SUSE CVE CVE-2020-9431 page", url: "https://www.suse.com/security/cve/CVE-2020-9431/", }, { category: "self", summary: "SUSE CVE CVE-2021-22173 page", url: "https://www.suse.com/security/cve/CVE-2021-22173/", }, { category: "self", summary: "SUSE CVE CVE-2021-22174 page", url: "https://www.suse.com/security/cve/CVE-2021-22174/", }, { category: "self", summary: "SUSE CVE CVE-2021-22191 page", url: "https://www.suse.com/security/cve/CVE-2021-22191/", }, { category: "self", summary: "SUSE CVE CVE-2021-22207 page", url: "https://www.suse.com/security/cve/CVE-2021-22207/", }, { category: "self", summary: "SUSE CVE CVE-2021-22235 page", url: "https://www.suse.com/security/cve/CVE-2021-22235/", }, ], title: "libwireshark14-3.4.8-1.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:11513-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libwireshark14-3.4.8-1.2.aarch64", product: { name: "libwireshark14-3.4.8-1.2.aarch64", product_id: "libwireshark14-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "libwiretap11-3.4.8-1.2.aarch64", product: { name: "libwiretap11-3.4.8-1.2.aarch64", product_id: "libwiretap11-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "libwsutil12-3.4.8-1.2.aarch64", product: { name: "libwsutil12-3.4.8-1.2.aarch64", product_id: "libwsutil12-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "wireshark-3.4.8-1.2.aarch64", product: { name: "wireshark-3.4.8-1.2.aarch64", product_id: "wireshark-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "wireshark-devel-3.4.8-1.2.aarch64", product: { name: "wireshark-devel-3.4.8-1.2.aarch64", product_id: "wireshark-devel-3.4.8-1.2.aarch64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.4.8-1.2.aarch64", product: { name: "wireshark-ui-qt-3.4.8-1.2.aarch64", product_id: "wireshark-ui-qt-3.4.8-1.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libwireshark14-3.4.8-1.2.ppc64le", product: { name: "libwireshark14-3.4.8-1.2.ppc64le", product_id: "libwireshark14-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "libwiretap11-3.4.8-1.2.ppc64le", product: { name: "libwiretap11-3.4.8-1.2.ppc64le", product_id: "libwiretap11-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "libwsutil12-3.4.8-1.2.ppc64le", product: { name: "libwsutil12-3.4.8-1.2.ppc64le", product_id: "libwsutil12-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "wireshark-3.4.8-1.2.ppc64le", product: { name: "wireshark-3.4.8-1.2.ppc64le", product_id: "wireshark-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "wireshark-devel-3.4.8-1.2.ppc64le", product: { name: "wireshark-devel-3.4.8-1.2.ppc64le", product_id: "wireshark-devel-3.4.8-1.2.ppc64le", }, }, { category: "product_version", name: "wireshark-ui-qt-3.4.8-1.2.ppc64le", product: { name: "wireshark-ui-qt-3.4.8-1.2.ppc64le", product_id: "wireshark-ui-qt-3.4.8-1.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libwireshark14-3.4.8-1.2.s390x", product: { name: "libwireshark14-3.4.8-1.2.s390x", product_id: "libwireshark14-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "libwiretap11-3.4.8-1.2.s390x", product: { name: "libwiretap11-3.4.8-1.2.s390x", product_id: "libwiretap11-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "libwsutil12-3.4.8-1.2.s390x", product: { name: "libwsutil12-3.4.8-1.2.s390x", product_id: "libwsutil12-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "wireshark-3.4.8-1.2.s390x", product: { name: "wireshark-3.4.8-1.2.s390x", product_id: "wireshark-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "wireshark-devel-3.4.8-1.2.s390x", product: { name: "wireshark-devel-3.4.8-1.2.s390x", product_id: "wireshark-devel-3.4.8-1.2.s390x", }, }, { category: "product_version", name: "wireshark-ui-qt-3.4.8-1.2.s390x", product: { name: "wireshark-ui-qt-3.4.8-1.2.s390x", product_id: "wireshark-ui-qt-3.4.8-1.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libwireshark14-3.4.8-1.2.x86_64", product: { name: "libwireshark14-3.4.8-1.2.x86_64", product_id: "libwireshark14-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "libwiretap11-3.4.8-1.2.x86_64", product: { name: "libwiretap11-3.4.8-1.2.x86_64", product_id: "libwiretap11-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "libwsutil12-3.4.8-1.2.x86_64", product: { name: "libwsutil12-3.4.8-1.2.x86_64", product_id: "libwsutil12-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "wireshark-3.4.8-1.2.x86_64", product: { name: "wireshark-3.4.8-1.2.x86_64", product_id: "wireshark-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "wireshark-devel-3.4.8-1.2.x86_64", product: { name: "wireshark-devel-3.4.8-1.2.x86_64", product_id: "wireshark-devel-3.4.8-1.2.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.4.8-1.2.x86_64", product: { name: "wireshark-ui-qt-3.4.8-1.2.x86_64", product_id: "wireshark-ui-qt-3.4.8-1.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libwireshark14-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", }, product_reference: "libwireshark14-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwireshark14-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", }, product_reference: "libwireshark14-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwireshark14-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", }, product_reference: "libwireshark14-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwireshark14-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", }, product_reference: "libwireshark14-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwiretap11-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", }, product_reference: "libwiretap11-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwiretap11-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", }, product_reference: "libwiretap11-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwiretap11-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", }, product_reference: "libwiretap11-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwiretap11-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", }, product_reference: "libwiretap11-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwsutil12-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", }, product_reference: "libwsutil12-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwsutil12-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", }, product_reference: "libwsutil12-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwsutil12-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", }, product_reference: "libwsutil12-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libwsutil12-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", }, product_reference: "libwsutil12-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", }, product_reference: "wireshark-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", }, product_reference: "wireshark-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", }, product_reference: "wireshark-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", }, product_reference: "wireshark-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", }, product_reference: "wireshark-devel-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", }, product_reference: "wireshark-devel-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", }, product_reference: "wireshark-devel-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", }, product_reference: "wireshark-devel-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.4.8-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", }, product_reference: "wireshark-ui-qt-3.4.8-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.4.8-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", }, product_reference: "wireshark-ui-qt-3.4.8-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.4.8-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", }, product_reference: "wireshark-ui-qt-3.4.8-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.4.8-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", }, product_reference: "wireshark-ui-qt-3.4.8-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2006-1932", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-1932", }, ], notes: [ { category: "general", text: "Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-1932", url: "https://www.suse.com/security/cve/CVE-2006-1932", }, { category: "external", summary: "SUSE Bug 167928 for CVE-2006-1932", url: "https://bugzilla.suse.com/167928", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2006-1932", }, { cve: "CVE-2006-4574", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-4574", }, ], notes: [ { category: "general", text: "Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-4574", url: "https://www.suse.com/security/cve/CVE-2006-4574", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-4574", url: "https://bugzilla.suse.com/213226", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2006-4574", }, { cve: "CVE-2006-4805", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-4805", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-4805", url: "https://www.suse.com/security/cve/CVE-2006-4805", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-4805", url: "https://bugzilla.suse.com/213226", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-4805", }, { cve: "CVE-2006-5468", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-5468", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-5468", url: "https://www.suse.com/security/cve/CVE-2006-5468", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-5468", url: "https://bugzilla.suse.com/213226", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-5468", }, { cve: "CVE-2006-5469", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-5469", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-5469", url: "https://www.suse.com/security/cve/CVE-2006-5469", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-5469", url: "https://bugzilla.suse.com/213226", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-5469", }, { cve: "CVE-2006-5740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2006-5740", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2006-5740", url: "https://www.suse.com/security/cve/CVE-2006-5740", }, { category: "external", summary: "SUSE Bug 213226 for CVE-2006-5740", url: "https://bugzilla.suse.com/213226", }, { category: "external", summary: "SUSE Bug 374694 for CVE-2006-5740", url: "https://bugzilla.suse.com/374694", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2006-5740", }, { cve: "CVE-2007-0456", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-0456", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-0456", url: "https://www.suse.com/security/cve/CVE-2007-0456", }, { category: "external", summary: "SUSE Bug 237246 for CVE-2007-0456", url: "https://bugzilla.suse.com/237246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-0456", }, { cve: "CVE-2007-0457", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-0457", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-0457", url: "https://www.suse.com/security/cve/CVE-2007-0457", }, { category: "external", summary: "SUSE Bug 237246 for CVE-2007-0457", url: "https://bugzilla.suse.com/237246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-0457", }, { cve: "CVE-2007-0458", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-0458", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-0458", url: "https://www.suse.com/security/cve/CVE-2007-0458", }, { category: "external", summary: "SUSE Bug 237246 for CVE-2007-0458", url: "https://bugzilla.suse.com/237246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-0458", }, { cve: "CVE-2007-0459", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-0459", }, ], notes: [ { category: "general", text: "packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-0459", url: "https://www.suse.com/security/cve/CVE-2007-0459", }, { category: "external", summary: "SUSE Bug 237246 for CVE-2007-0459", url: "https://bugzilla.suse.com/237246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-0459", }, { cve: "CVE-2017-11406", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11406", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11406", url: "https://www.suse.com/security/cve/CVE-2017-11406", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-11406", url: "https://bugzilla.suse.com/1049255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-11406", }, { cve: "CVE-2017-11407", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11407", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11407", url: "https://www.suse.com/security/cve/CVE-2017-11407", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-11407", url: "https://bugzilla.suse.com/1049255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-11407", }, { cve: "CVE-2017-11408", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-11408", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-11408", url: "https://www.suse.com/security/cve/CVE-2017-11408", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-11408", url: "https://bugzilla.suse.com/1049255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-11408", }, { cve: "CVE-2017-13764", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13764", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13764", url: "https://www.suse.com/security/cve/CVE-2017-13764", }, { category: "external", summary: "SUSE Bug 1056250 for CVE-2017-13764", url: "https://bugzilla.suse.com/1056250", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-13764", }, { cve: "CVE-2017-13765", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13765", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13765", url: "https://www.suse.com/security/cve/CVE-2017-13765", }, { category: "external", summary: "SUSE Bug 1056251 for CVE-2017-13765", url: "https://bugzilla.suse.com/1056251", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-13765", }, { cve: "CVE-2017-13766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13766", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13766", url: "https://www.suse.com/security/cve/CVE-2017-13766", }, { category: "external", summary: "SUSE Bug 1056249 for CVE-2017-13766", url: "https://bugzilla.suse.com/1056249", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-13766", }, { cve: "CVE-2017-13767", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13767", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13767", url: "https://www.suse.com/security/cve/CVE-2017-13767", }, { category: "external", summary: "SUSE Bug 1056248 for CVE-2017-13767", url: "https://bugzilla.suse.com/1056248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-13767", }, { cve: "CVE-2017-15189", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15189", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15189", url: "https://www.suse.com/security/cve/CVE-2017-15189", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15189", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15189", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15189", }, { cve: "CVE-2017-15190", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15190", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15190", url: "https://www.suse.com/security/cve/CVE-2017-15190", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15190", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15190", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15190", }, { cve: "CVE-2017-15191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15191", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15191", url: "https://www.suse.com/security/cve/CVE-2017-15191", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15191", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15191", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15191", }, { cve: "CVE-2017-15192", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15192", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15192", url: "https://www.suse.com/security/cve/CVE-2017-15192", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15192", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15192", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15192", }, { cve: "CVE-2017-15193", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-15193", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-15193", url: "https://www.suse.com/security/cve/CVE-2017-15193", }, { category: "external", summary: "SUSE Bug 1062645 for CVE-2017-15193", url: "https://bugzilla.suse.com/1062645", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2017-15193", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-15193", }, { cve: "CVE-2017-17083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17083", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17083", url: "https://www.suse.com/security/cve/CVE-2017-17083", }, { category: "external", summary: "SUSE Bug 1070727 for CVE-2017-17083", url: "https://bugzilla.suse.com/1070727", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17083", }, { cve: "CVE-2017-17084", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17084", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17084", url: "https://www.suse.com/security/cve/CVE-2017-17084", }, { category: "external", summary: "SUSE Bug 1070727 for CVE-2017-17084", url: "https://bugzilla.suse.com/1070727", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17084", }, { cve: "CVE-2017-17085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-17085", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-17085", url: "https://www.suse.com/security/cve/CVE-2017-17085", }, { category: "external", summary: "SUSE Bug 1070727 for CVE-2017-17085", url: "https://bugzilla.suse.com/1070727", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-17085", }, { cve: "CVE-2017-5596", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5596", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5596", url: "https://www.suse.com/security/cve/CVE-2017-5596", }, { category: "external", summary: "SUSE Bug 1021739 for CVE-2017-5596", url: "https://bugzilla.suse.com/1021739", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2017-5596", }, { cve: "CVE-2017-5597", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5597", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5597", url: "https://www.suse.com/security/cve/CVE-2017-5597", }, { category: "external", summary: "SUSE Bug 1021739 for CVE-2017-5597", url: "https://bugzilla.suse.com/1021739", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2017-5597", }, { cve: "CVE-2017-5753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-5753", }, ], notes: [ { category: "general", text: "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-5753", url: "https://www.suse.com/security/cve/CVE-2017-5753", }, { category: "external", summary: "SUSE Bug 1068032 for CVE-2017-5753", url: "https://bugzilla.suse.com/1068032", }, { category: "external", summary: "SUSE Bug 1074562 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074562", }, { category: "external", summary: "SUSE Bug 1074578 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074578", }, { category: "external", summary: "SUSE Bug 1074701 for CVE-2017-5753", url: "https://bugzilla.suse.com/1074701", }, { category: "external", summary: "SUSE Bug 1075006 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075006", }, { category: "external", summary: "SUSE Bug 1075419 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075419", }, { category: "external", summary: "SUSE Bug 1075748 for CVE-2017-5753", url: "https://bugzilla.suse.com/1075748", }, { category: "external", summary: "SUSE Bug 1080039 for CVE-2017-5753", url: "https://bugzilla.suse.com/1080039", }, { category: "external", summary: "SUSE Bug 1087084 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087084", }, { category: "external", summary: "SUSE Bug 1087939 for CVE-2017-5753", url: "https://bugzilla.suse.com/1087939", }, { category: "external", summary: "SUSE Bug 1089055 for CVE-2017-5753", url: "https://bugzilla.suse.com/1089055", }, { category: "external", summary: "SUSE Bug 1136865 for CVE-2017-5753", url: "https://bugzilla.suse.com/1136865", }, { category: "external", summary: "SUSE Bug 1178658 for CVE-2017-5753", url: "https://bugzilla.suse.com/1178658", }, { category: "external", summary: "SUSE Bug 1201877 for CVE-2017-5753", url: "https://bugzilla.suse.com/1201877", }, { category: "external", summary: "SUSE Bug 1209547 for CVE-2017-5753", url: "https://bugzilla.suse.com/1209547", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-5753", }, { cve: "CVE-2017-6467", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6467", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by changing the restrictions on file size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6467", url: "https://www.suse.com/security/cve/CVE-2017-6467", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6467", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148181 for CVE-2017-6467", url: "https://bugzilla.suse.com/1148181", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6467", }, { cve: "CVE-2017-6468", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6468", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6468", url: "https://www.suse.com/security/cve/CVE-2017-6468", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6468", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148182 for CVE-2017-6468", url: "https://bugzilla.suse.com/1148182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6468", }, { cve: "CVE-2017-6469", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6469", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-ldss.c by ensuring that memory is allocated for a certain data structure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6469", url: "https://www.suse.com/security/cve/CVE-2017-6469", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6469", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148185 for CVE-2017-6469", url: "https://bugzilla.suse.com/1148185", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6469", }, { cve: "CVE-2017-6470", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6470", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by constraining packet lateness.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6470", url: "https://www.suse.com/security/cve/CVE-2017-6470", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6470", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148186 for CVE-2017-6470", url: "https://bugzilla.suse.com/1148186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6470", }, { cve: "CVE-2017-6471", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6471", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6471", url: "https://www.suse.com/security/cve/CVE-2017-6471", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6471", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148187 for CVE-2017-6471", url: "https://bugzilla.suse.com/1148187", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6471", }, { cve: "CVE-2017-6472", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6472", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6472", url: "https://www.suse.com/security/cve/CVE-2017-6472", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6472", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148188 for CVE-2017-6472", url: "https://bugzilla.suse.com/1148188", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6472", }, { cve: "CVE-2017-6473", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6473", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6473", url: "https://www.suse.com/security/cve/CVE-2017-6473", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6473", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148189 for CVE-2017-6473", url: "https://bugzilla.suse.com/1148189", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6473", }, { cve: "CVE-2017-6474", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-6474", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-6474", url: "https://www.suse.com/security/cve/CVE-2017-6474", }, { category: "external", summary: "SUSE Bug 1027998 for CVE-2017-6474", url: "https://bugzilla.suse.com/1027998", }, { category: "external", summary: "SUSE Bug 1148191 for CVE-2017-6474", url: "https://bugzilla.suse.com/1148191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-6474", }, { cve: "CVE-2017-7700", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7700", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7700", url: "https://www.suse.com/security/cve/CVE-2017-7700", }, { category: "external", summary: "SUSE Bug 1033936 for CVE-2017-7700", url: "https://bugzilla.suse.com/1033936", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7700", }, { cve: "CVE-2017-7701", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7701", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7701", url: "https://www.suse.com/security/cve/CVE-2017-7701", }, { category: "external", summary: "SUSE Bug 1033937 for CVE-2017-7701", url: "https://bugzilla.suse.com/1033937", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7701", }, { cve: "CVE-2017-7702", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7702", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7702", url: "https://www.suse.com/security/cve/CVE-2017-7702", }, { category: "external", summary: "SUSE Bug 1033938 for CVE-2017-7702", url: "https://bugzilla.suse.com/1033938", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-7702", url: "https://bugzilla.suse.com/1049255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7702", }, { cve: "CVE-2017-7703", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7703", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7703", url: "https://www.suse.com/security/cve/CVE-2017-7703", }, { category: "external", summary: "SUSE Bug 1033939 for CVE-2017-7703", url: "https://bugzilla.suse.com/1033939", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7703", }, { cve: "CVE-2017-7704", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7704", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7704", url: "https://www.suse.com/security/cve/CVE-2017-7704", }, { category: "external", summary: "SUSE Bug 1033940 for CVE-2017-7704", url: "https://bugzilla.suse.com/1033940", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7704", }, { cve: "CVE-2017-7705", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7705", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7705", url: "https://www.suse.com/security/cve/CVE-2017-7705", }, { category: "external", summary: "SUSE Bug 1033941 for CVE-2017-7705", url: "https://bugzilla.suse.com/1033941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7705", }, { cve: "CVE-2017-7745", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7745", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7745", url: "https://www.suse.com/security/cve/CVE-2017-7745", }, { category: "external", summary: "SUSE Bug 1033942 for CVE-2017-7745", url: "https://bugzilla.suse.com/1033942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7745", }, { cve: "CVE-2017-7746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7746", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7746", url: "https://www.suse.com/security/cve/CVE-2017-7746", }, { category: "external", summary: "SUSE Bug 1033943 for CVE-2017-7746", url: "https://bugzilla.suse.com/1033943", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7746", }, { cve: "CVE-2017-7747", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7747", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7747", url: "https://www.suse.com/security/cve/CVE-2017-7747", }, { category: "external", summary: "SUSE Bug 1033944 for CVE-2017-7747", url: "https://bugzilla.suse.com/1033944", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7747", }, { cve: "CVE-2017-7748", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-7748", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-7748", url: "https://www.suse.com/security/cve/CVE-2017-7748", }, { category: "external", summary: "SUSE Bug 1033945 for CVE-2017-7748", url: "https://bugzilla.suse.com/1033945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-7748", }, { cve: "CVE-2017-9343", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9343", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9343", url: "https://www.suse.com/security/cve/CVE-2017-9343", }, { category: "external", summary: "SUSE Bug 1042309 for CVE-2017-9343", url: "https://bugzilla.suse.com/1042309", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9343", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9343", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9343", url: "https://bugzilla.suse.com/1042331", }, { category: "external", summary: "SUSE Bug 1077080 for CVE-2017-9343", url: "https://bugzilla.suse.com/1077080", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9343", }, { cve: "CVE-2017-9344", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9344", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9344", url: "https://www.suse.com/security/cve/CVE-2017-9344", }, { category: "external", summary: "SUSE Bug 1042298 for CVE-2017-9344", url: "https://bugzilla.suse.com/1042298", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9344", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9344", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9344", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9344", }, { cve: "CVE-2017-9345", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9345", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9345", url: "https://www.suse.com/security/cve/CVE-2017-9345", }, { category: "external", summary: "SUSE Bug 1042300 for CVE-2017-9345", url: "https://bugzilla.suse.com/1042300", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9345", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9345", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9345", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9345", }, { cve: "CVE-2017-9346", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9346", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9346", url: "https://www.suse.com/security/cve/CVE-2017-9346", }, { category: "external", summary: "SUSE Bug 1042301 for CVE-2017-9346", url: "https://bugzilla.suse.com/1042301", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9346", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9346", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9346", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9346", }, { cve: "CVE-2017-9347", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9347", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9347", url: "https://www.suse.com/security/cve/CVE-2017-9347", }, { category: "external", summary: "SUSE Bug 1042308 for CVE-2017-9347", url: "https://bugzilla.suse.com/1042308", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9347", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9347", url: "https://bugzilla.suse.com/1042330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9347", }, { cve: "CVE-2017-9348", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9348", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9348", url: "https://www.suse.com/security/cve/CVE-2017-9348", }, { category: "external", summary: "SUSE Bug 1042303 for CVE-2017-9348", url: "https://bugzilla.suse.com/1042303", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9348", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9348", url: "https://bugzilla.suse.com/1042330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9348", }, { cve: "CVE-2017-9349", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9349", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9349", url: "https://www.suse.com/security/cve/CVE-2017-9349", }, { category: "external", summary: "SUSE Bug 1042305 for CVE-2017-9349", url: "https://bugzilla.suse.com/1042305", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9349", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9349", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9349", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9349", }, { cve: "CVE-2017-9350", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9350", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9350", url: "https://www.suse.com/security/cve/CVE-2017-9350", }, { category: "external", summary: "SUSE Bug 1042299 for CVE-2017-9350", url: "https://bugzilla.suse.com/1042299", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9350", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9350", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9350", url: "https://bugzilla.suse.com/1042331", }, { category: "external", summary: "SUSE Bug 1049255 for CVE-2017-9350", url: "https://bugzilla.suse.com/1049255", }, { category: "external", summary: "SUSE Bug 1049621 for CVE-2017-9350", url: "https://bugzilla.suse.com/1049621", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9350", }, { cve: "CVE-2017-9351", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9351", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9351", url: "https://www.suse.com/security/cve/CVE-2017-9351", }, { category: "external", summary: "SUSE Bug 1042302 for CVE-2017-9351", url: "https://bugzilla.suse.com/1042302", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9351", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9351", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9351", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9351", }, { cve: "CVE-2017-9352", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9352", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9352", url: "https://www.suse.com/security/cve/CVE-2017-9352", }, { category: "external", summary: "SUSE Bug 1042304 for CVE-2017-9352", url: "https://bugzilla.suse.com/1042304", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9352", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9352", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9352", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9352", }, { cve: "CVE-2017-9353", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9353", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9353", url: "https://www.suse.com/security/cve/CVE-2017-9353", }, { category: "external", summary: "SUSE Bug 1042306 for CVE-2017-9353", url: "https://bugzilla.suse.com/1042306", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9353", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9353", url: "https://bugzilla.suse.com/1042330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9353", }, { cve: "CVE-2017-9354", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9354", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9354", url: "https://www.suse.com/security/cve/CVE-2017-9354", }, { category: "external", summary: "SUSE Bug 1042307 for CVE-2017-9354", url: "https://bugzilla.suse.com/1042307", }, { category: "external", summary: "SUSE Bug 1042324 for CVE-2017-9354", url: "https://bugzilla.suse.com/1042324", }, { category: "external", summary: "SUSE Bug 1042330 for CVE-2017-9354", url: "https://bugzilla.suse.com/1042330", }, { category: "external", summary: "SUSE Bug 1042331 for CVE-2017-9354", url: "https://bugzilla.suse.com/1042331", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2017-9354", }, { cve: "CVE-2018-11354", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11354", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11354", url: "https://www.suse.com/security/cve/CVE-2018-11354", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11354", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11354", }, { cve: "CVE-2018-11355", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11355", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11355", url: "https://www.suse.com/security/cve/CVE-2018-11355", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11355", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11355", }, { cve: "CVE-2018-11356", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11356", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11356", url: "https://www.suse.com/security/cve/CVE-2018-11356", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11356", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11356", }, { cve: "CVE-2018-11357", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11357", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11357", url: "https://www.suse.com/security/cve/CVE-2018-11357", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11357", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11357", }, { cve: "CVE-2018-11358", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11358", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11358", url: "https://www.suse.com/security/cve/CVE-2018-11358", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11358", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11358", }, { cve: "CVE-2018-11359", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11359", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11359", url: "https://www.suse.com/security/cve/CVE-2018-11359", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11359", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11359", }, { cve: "CVE-2018-11360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11360", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11360", url: "https://www.suse.com/security/cve/CVE-2018-11360", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11360", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11360", }, { cve: "CVE-2018-11361", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11361", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11361", url: "https://www.suse.com/security/cve/CVE-2018-11361", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11361", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11361", }, { cve: "CVE-2018-11362", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11362", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11362", url: "https://www.suse.com/security/cve/CVE-2018-11362", }, { category: "external", summary: "SUSE Bug 1094301 for CVE-2018-11362", url: "https://bugzilla.suse.com/1094301", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11362", }, { cve: "CVE-2018-12086", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12086", }, ], notes: [ { category: "general", text: "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12086", url: "https://www.suse.com/security/cve/CVE-2018-12086", }, { category: "external", summary: "SUSE Bug 1111647 for CVE-2018-12086", url: "https://bugzilla.suse.com/1111647", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-12086", }, { cve: "CVE-2018-14339", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14339", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14339", url: "https://www.suse.com/security/cve/CVE-2018-14339", }, { category: "external", summary: "SUSE Bug 1101810 for CVE-2018-14339", url: "https://bugzilla.suse.com/1101810", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14339", }, { cve: "CVE-2018-14340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14340", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14340", url: "https://www.suse.com/security/cve/CVE-2018-14340", }, { category: "external", summary: "SUSE Bug 1101804 for CVE-2018-14340", url: "https://bugzilla.suse.com/1101804", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14340", }, { cve: "CVE-2018-14341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14341", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14341", url: "https://www.suse.com/security/cve/CVE-2018-14341", }, { category: "external", summary: "SUSE Bug 1101776 for CVE-2018-14341", url: "https://bugzilla.suse.com/1101776", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14341", }, { cve: "CVE-2018-14342", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14342", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14342", url: "https://www.suse.com/security/cve/CVE-2018-14342", }, { category: "external", summary: "SUSE Bug 1101777 for CVE-2018-14342", url: "https://bugzilla.suse.com/1101777", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14342", }, { cve: "CVE-2018-14343", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14343", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14343", url: "https://www.suse.com/security/cve/CVE-2018-14343", }, { category: "external", summary: "SUSE Bug 1101786 for CVE-2018-14343", url: "https://bugzilla.suse.com/1101786", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14343", }, { cve: "CVE-2018-14344", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14344", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14344", url: "https://www.suse.com/security/cve/CVE-2018-14344", }, { category: "external", summary: "SUSE Bug 1101788 for CVE-2018-14344", url: "https://bugzilla.suse.com/1101788", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14344", }, { cve: "CVE-2018-14367", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14367", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14367", url: "https://www.suse.com/security/cve/CVE-2018-14367", }, { category: "external", summary: "SUSE Bug 1101791 for CVE-2018-14367", url: "https://bugzilla.suse.com/1101791", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14367", }, { cve: "CVE-2018-14368", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14368", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14368", url: "https://www.suse.com/security/cve/CVE-2018-14368", }, { category: "external", summary: "SUSE Bug 1101794 for CVE-2018-14368", url: "https://bugzilla.suse.com/1101794", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14368", }, { cve: "CVE-2018-14369", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14369", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14369", url: "https://www.suse.com/security/cve/CVE-2018-14369", }, { category: "external", summary: "SUSE Bug 1101800 for CVE-2018-14369", url: "https://bugzilla.suse.com/1101800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14369", }, { cve: "CVE-2018-14370", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14370", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14370", url: "https://www.suse.com/security/cve/CVE-2018-14370", }, { category: "external", summary: "SUSE Bug 1101802 for CVE-2018-14370", url: "https://bugzilla.suse.com/1101802", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2018-14370", }, { cve: "CVE-2018-16056", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16056", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16056", url: "https://www.suse.com/security/cve/CVE-2018-16056", }, { category: "external", summary: "SUSE Bug 1106514 for CVE-2018-16056", url: "https://bugzilla.suse.com/1106514", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-16056", }, { cve: "CVE-2018-16057", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16057", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16057", url: "https://www.suse.com/security/cve/CVE-2018-16057", }, { category: "external", summary: "SUSE Bug 1106514 for CVE-2018-16057", url: "https://bugzilla.suse.com/1106514", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-16057", }, { cve: "CVE-2018-16058", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16058", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16058", url: "https://www.suse.com/security/cve/CVE-2018-16058", }, { category: "external", summary: "SUSE Bug 1106514 for CVE-2018-16058", url: "https://bugzilla.suse.com/1106514", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-16058", }, { cve: "CVE-2018-18225", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18225", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. This was addressed in epan/dissectors/packet-coap.c by ensuring that the piv length is correctly computed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18225", url: "https://www.suse.com/security/cve/CVE-2018-18225", }, { category: "external", summary: "SUSE Bug 1111647 for CVE-2018-18225", url: "https://bugzilla.suse.com/1111647", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-18225", }, { cve: "CVE-2018-18226", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18226", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. This was addressed in epan/dissectors/packet-steam-ihs-discovery.c by changing the memory-management approach.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18226", url: "https://www.suse.com/security/cve/CVE-2018-18226", }, { category: "external", summary: "SUSE Bug 1111647 for CVE-2018-18226", url: "https://bugzilla.suse.com/1111647", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-18226", }, { cve: "CVE-2018-18227", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18227", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18227", url: "https://www.suse.com/security/cve/CVE-2018-18227", }, { category: "external", summary: "SUSE Bug 1111647 for CVE-2018-18227", url: "https://bugzilla.suse.com/1111647", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-18227", }, { cve: "CVE-2018-19622", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19622", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19622", url: "https://www.suse.com/security/cve/CVE-2018-19622", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19622", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19622", }, { cve: "CVE-2018-19623", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19623", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19623", url: "https://www.suse.com/security/cve/CVE-2018-19623", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19623", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19623", }, { cve: "CVE-2018-19624", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19624", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19624", url: "https://www.suse.com/security/cve/CVE-2018-19624", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19624", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19624", }, { cve: "CVE-2018-19625", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19625", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19625", url: "https://www.suse.com/security/cve/CVE-2018-19625", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19625", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19625", }, { cve: "CVE-2018-19626", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19626", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\\0' termination.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19626", url: "https://www.suse.com/security/cve/CVE-2018-19626", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19626", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19626", }, { cve: "CVE-2018-19627", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19627", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19627", url: "https://www.suse.com/security/cve/CVE-2018-19627", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19627", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-19627", }, { cve: "CVE-2018-19628", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19628", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19628", url: "https://www.suse.com/security/cve/CVE-2018-19628", }, { category: "external", summary: "SUSE Bug 1117740 for CVE-2018-19628", url: "https://bugzilla.suse.com/1117740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-19628", }, { cve: "CVE-2018-5334", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5334", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5334", url: "https://www.suse.com/security/cve/CVE-2018-5334", }, { category: "external", summary: "SUSE Bug 1075737 for CVE-2018-5334", url: "https://bugzilla.suse.com/1075737", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-5334", }, { cve: "CVE-2018-5335", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5335", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5335", url: "https://www.suse.com/security/cve/CVE-2018-5335", }, { category: "external", summary: "SUSE Bug 1075738 for CVE-2018-5335", url: "https://bugzilla.suse.com/1075738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-5335", }, { cve: "CVE-2018-5336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5336", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-5336", url: "https://www.suse.com/security/cve/CVE-2018-5336", }, { category: "external", summary: "SUSE Bug 1075739 for CVE-2018-5336", url: "https://bugzilla.suse.com/1075739", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-5336", }, { cve: "CVE-2018-7320", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7320", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7320", url: "https://www.suse.com/security/cve/CVE-2018-7320", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7320", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7320", }, { cve: "CVE-2018-7321", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7321", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7321", url: "https://www.suse.com/security/cve/CVE-2018-7321", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7321", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7321", }, { cve: "CVE-2018-7325", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7325", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7325", url: "https://www.suse.com/security/cve/CVE-2018-7325", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7325", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7325", }, { cve: "CVE-2018-7329", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7329", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7329", url: "https://www.suse.com/security/cve/CVE-2018-7329", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7329", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7329", }, { cve: "CVE-2018-7333", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7333", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7333", url: "https://www.suse.com/security/cve/CVE-2018-7333", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7333", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7333", }, { cve: "CVE-2018-7334", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7334", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7334", url: "https://www.suse.com/security/cve/CVE-2018-7334", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7334", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7334", }, { cve: "CVE-2018-7335", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7335", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7335", url: "https://www.suse.com/security/cve/CVE-2018-7335", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7335", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7335", }, { cve: "CVE-2018-7336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7336", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7336", url: "https://www.suse.com/security/cve/CVE-2018-7336", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7336", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7336", }, { cve: "CVE-2018-7337", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7337", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7337", url: "https://www.suse.com/security/cve/CVE-2018-7337", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7337", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7337", }, { cve: "CVE-2018-7417", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7417", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7417", url: "https://www.suse.com/security/cve/CVE-2018-7417", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7417", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7417", }, { cve: "CVE-2018-7418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7418", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7418", url: "https://www.suse.com/security/cve/CVE-2018-7418", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7418", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7418", }, { cve: "CVE-2018-7419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7419", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7419", url: "https://www.suse.com/security/cve/CVE-2018-7419", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7419", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7419", }, { cve: "CVE-2018-7420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-7420", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-7420", url: "https://www.suse.com/security/cve/CVE-2018-7420", }, { category: "external", summary: "SUSE Bug 1082692 for CVE-2018-7420", url: "https://bugzilla.suse.com/1082692", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-7420", }, { cve: "CVE-2018-9256", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9256", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9256", url: "https://www.suse.com/security/cve/CVE-2018-9256", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9256", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9256", }, { cve: "CVE-2018-9257", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9257", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9257", url: "https://www.suse.com/security/cve/CVE-2018-9257", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9257", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9257", }, { cve: "CVE-2018-9258", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9258", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9258", url: "https://www.suse.com/security/cve/CVE-2018-9258", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9258", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9258", }, { cve: "CVE-2018-9260", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9260", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash. This was addressed in epan/dissectors/packet-ieee802154.c by ensuring that an allocation step occurs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9260", url: "https://www.suse.com/security/cve/CVE-2018-9260", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9260", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9260", }, { cve: "CVE-2018-9261", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9261", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-nbap.c by prohibiting the self-linking of DCH-IDs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9261", url: "https://www.suse.com/security/cve/CVE-2018-9261", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9261", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9261", }, { cve: "CVE-2018-9262", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9262", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9262", url: "https://www.suse.com/security/cve/CVE-2018-9262", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9262", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9262", }, { cve: "CVE-2018-9263", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9263", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9263", url: "https://www.suse.com/security/cve/CVE-2018-9263", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9263", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9263", }, { cve: "CVE-2018-9264", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9264", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9264", url: "https://www.suse.com/security/cve/CVE-2018-9264", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9264", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9264", }, { cve: "CVE-2018-9265", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9265", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9265", url: "https://www.suse.com/security/cve/CVE-2018-9265", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9265", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9265", }, { cve: "CVE-2018-9269", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9269", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9269", url: "https://www.suse.com/security/cve/CVE-2018-9269", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9269", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9269", }, { cve: "CVE-2018-9273", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9273", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9273", url: "https://www.suse.com/security/cve/CVE-2018-9273", }, { category: "external", summary: "SUSE Bug 1088200 for CVE-2018-9273", url: "https://bugzilla.suse.com/1088200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-9273", }, { cve: "CVE-2019-10894", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10894", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10894", url: "https://www.suse.com/security/cve/CVE-2019-10894", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10894", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10894", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10894", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10894", }, { cve: "CVE-2019-10895", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10895", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10895", url: "https://www.suse.com/security/cve/CVE-2019-10895", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10895", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10895", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10895", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10895", }, { cve: "CVE-2019-10896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10896", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10896", url: "https://www.suse.com/security/cve/CVE-2019-10896", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10896", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10896", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10896", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10896", }, { cve: "CVE-2019-10897", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10897", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10897", url: "https://www.suse.com/security/cve/CVE-2019-10897", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10897", url: "https://bugzilla.suse.com/1131941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10897", }, { cve: "CVE-2019-10898", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10898", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10898", url: "https://www.suse.com/security/cve/CVE-2019-10898", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10898", url: "https://bugzilla.suse.com/1131941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10898", }, { cve: "CVE-2019-10899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10899", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10899", url: "https://www.suse.com/security/cve/CVE-2019-10899", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10899", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10899", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10899", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10899", }, { cve: "CVE-2019-10900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10900", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10900", url: "https://www.suse.com/security/cve/CVE-2019-10900", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10900", url: "https://bugzilla.suse.com/1131941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10900", }, { cve: "CVE-2019-10901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10901", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10901", url: "https://www.suse.com/security/cve/CVE-2019-10901", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10901", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10901", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10901", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10901", }, { cve: "CVE-2019-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10902", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10902", url: "https://www.suse.com/security/cve/CVE-2019-10902", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10902", url: "https://bugzilla.suse.com/1131941", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10902", }, { cve: "CVE-2019-10903", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-10903", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-10903", url: "https://www.suse.com/security/cve/CVE-2019-10903", }, { category: "external", summary: "SUSE Bug 1131941 for CVE-2019-10903", url: "https://bugzilla.suse.com/1131941", }, { category: "external", summary: "SUSE Bug 1131943 for CVE-2019-10903", url: "https://bugzilla.suse.com/1131943", }, { category: "external", summary: "SUSE Bug 1131945 for CVE-2019-10903", url: "https://bugzilla.suse.com/1131945", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-10903", }, { cve: "CVE-2019-13619", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13619", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13619", url: "https://www.suse.com/security/cve/CVE-2019-13619", }, { category: "external", summary: "SUSE Bug 1141980 for CVE-2019-13619", url: "https://bugzilla.suse.com/1141980", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-13619", }, { cve: "CVE-2019-16319", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-16319", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-16319", url: "https://www.suse.com/security/cve/CVE-2019-16319", }, { category: "external", summary: "SUSE Bug 1150690 for CVE-2019-16319", url: "https://bugzilla.suse.com/1150690", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-16319", }, { cve: "CVE-2019-19553", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-19553", }, ], notes: [ { category: "general", text: "In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-19553", url: "https://www.suse.com/security/cve/CVE-2019-19553", }, { category: "external", summary: "SUSE Bug 1158505 for CVE-2019-19553", url: "https://bugzilla.suse.com/1158505", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-19553", }, { cve: "CVE-2019-5716", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5716", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5716", url: "https://www.suse.com/security/cve/CVE-2019-5716", }, { category: "external", summary: "SUSE Bug 1121231 for CVE-2019-5716", url: "https://bugzilla.suse.com/1121231", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5716", }, { cve: "CVE-2019-5717", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5717", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5717", url: "https://www.suse.com/security/cve/CVE-2019-5717", }, { category: "external", summary: "SUSE Bug 1121232 for CVE-2019-5717", url: "https://bugzilla.suse.com/1121232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5717", }, { cve: "CVE-2019-5718", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5718", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and other ASN.1 dissectors could crash. This was addressed in epan/charsets.c by adding a get_t61_string length check.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5718", url: "https://www.suse.com/security/cve/CVE-2019-5718", }, { category: "external", summary: "SUSE Bug 1121233 for CVE-2019-5718", url: "https://bugzilla.suse.com/1121233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5718", }, { cve: "CVE-2019-5719", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5719", }, ], notes: [ { category: "general", text: "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5719", url: "https://www.suse.com/security/cve/CVE-2019-5719", }, { category: "external", summary: "SUSE Bug 1121234 for CVE-2019-5719", url: "https://bugzilla.suse.com/1121234", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5719", }, { cve: "CVE-2019-5721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-5721", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-5721", url: "https://www.suse.com/security/cve/CVE-2019-5721", }, { category: "external", summary: "SUSE Bug 1121235 for CVE-2019-5721", url: "https://bugzilla.suse.com/1121235", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-5721", }, { cve: "CVE-2019-9208", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9208", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL pointer dereferences.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9208", url: "https://www.suse.com/security/cve/CVE-2019-9208", }, { category: "external", summary: "SUSE Bug 1127370 for CVE-2019-9208", url: "https://bugzilla.suse.com/1127370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-9208", }, { cve: "CVE-2019-9209", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9209", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9209", url: "https://www.suse.com/security/cve/CVE-2019-9209", }, { category: "external", summary: "SUSE Bug 1127369 for CVE-2019-9209", url: "https://bugzilla.suse.com/1127369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-9209", }, { cve: "CVE-2019-9214", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-9214", }, ], notes: [ { category: "general", text: "In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-9214", url: "https://www.suse.com/security/cve/CVE-2019-9214", }, { category: "external", summary: "SUSE Bug 1127367 for CVE-2019-9214", url: "https://bugzilla.suse.com/1127367", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-9214", }, { cve: "CVE-2020-11647", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11647", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11647", url: "https://www.suse.com/security/cve/CVE-2020-11647", }, { category: "external", summary: "SUSE Bug 1169063 for CVE-2020-11647", url: "https://bugzilla.suse.com/1169063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-11647", }, { cve: "CVE-2020-13164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-13164", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-13164", url: "https://www.suse.com/security/cve/CVE-2020-13164", }, { category: "external", summary: "SUSE Bug 1171899 for CVE-2020-13164", url: "https://bugzilla.suse.com/1171899", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-13164", }, { cve: "CVE-2020-15466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-15466", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-15466", url: "https://www.suse.com/security/cve/CVE-2020-15466", }, { category: "external", summary: "SUSE Bug 1173606 for CVE-2020-15466", url: "https://bugzilla.suse.com/1173606", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-15466", }, { cve: "CVE-2020-17498", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17498", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17498", url: "https://www.suse.com/security/cve/CVE-2020-17498", }, { category: "external", summary: "SUSE Bug 1175204 for CVE-2020-17498", url: "https://bugzilla.suse.com/1175204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-17498", }, { cve: "CVE-2020-25862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25862", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25862", url: "https://www.suse.com/security/cve/CVE-2020-25862", }, { category: "external", summary: "SUSE Bug 1176909 for CVE-2020-25862", url: "https://bugzilla.suse.com/1176909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25862", }, { cve: "CVE-2020-25863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25863", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25863", url: "https://www.suse.com/security/cve/CVE-2020-25863", }, { category: "external", summary: "SUSE Bug 1176908 for CVE-2020-25863", url: "https://bugzilla.suse.com/1176908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25863", }, { cve: "CVE-2020-25866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25866", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25866", url: "https://www.suse.com/security/cve/CVE-2020-25866", }, { category: "external", summary: "SUSE Bug 1176910 for CVE-2020-25866", url: "https://bugzilla.suse.com/1176910", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-25866", }, { cve: "CVE-2020-26418", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26418", }, ], notes: [ { category: "general", text: "Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26418", url: "https://www.suse.com/security/cve/CVE-2020-26418", }, { category: "external", summary: "SUSE Bug 1179930 for CVE-2020-26418", url: "https://bugzilla.suse.com/1179930", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-26418", }, { cve: "CVE-2020-26419", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26419", }, ], notes: [ { category: "general", text: "Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26419", url: "https://www.suse.com/security/cve/CVE-2020-26419", }, { category: "external", summary: "SUSE Bug 1179931 for CVE-2020-26419", url: "https://bugzilla.suse.com/1179931", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26419", }, { cve: "CVE-2020-26420", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26420", }, ], notes: [ { category: "general", text: "Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26420", url: "https://www.suse.com/security/cve/CVE-2020-26420", }, { category: "external", summary: "SUSE Bug 1179932 for CVE-2020-26420", url: "https://bugzilla.suse.com/1179932", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2020-26420", }, { cve: "CVE-2020-26421", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26421", }, ], notes: [ { category: "general", text: "Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26421", url: "https://www.suse.com/security/cve/CVE-2020-26421", }, { category: "external", summary: "SUSE Bug 1179933 for CVE-2020-26421", url: "https://bugzilla.suse.com/1179933", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26421", }, { cve: "CVE-2020-26422", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26422", }, ], notes: [ { category: "general", text: "Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26422", url: "https://www.suse.com/security/cve/CVE-2020-26422", }, { category: "external", summary: "SUSE Bug 1180232 for CVE-2020-26422", url: "https://bugzilla.suse.com/1180232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26422", }, { cve: "CVE-2020-26575", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26575", }, ], notes: [ { category: "general", text: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26575", url: "https://www.suse.com/security/cve/CVE-2020-26575", }, { category: "external", summary: "SUSE Bug 1177406 for CVE-2020-26575", url: "https://bugzilla.suse.com/1177406", }, { category: "external", summary: "SUSE Bug 1178290 for CVE-2020-26575", url: "https://bugzilla.suse.com/1178290", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-26575", }, { cve: "CVE-2020-28030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-28030", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-28030", url: "https://www.suse.com/security/cve/CVE-2020-28030", }, { category: "external", summary: "SUSE Bug 1178291 for CVE-2020-28030", url: "https://bugzilla.suse.com/1178291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-28030", }, { cve: "CVE-2020-7044", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-7044", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-7044", url: "https://www.suse.com/security/cve/CVE-2020-7044", }, { category: "external", summary: "SUSE Bug 1161052 for CVE-2020-7044", url: "https://bugzilla.suse.com/1161052", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-7044", }, { cve: "CVE-2020-9428", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-9428", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-9428", url: "https://www.suse.com/security/cve/CVE-2020-9428", }, { category: "external", summary: "SUSE Bug 1165241 for CVE-2020-9428", url: "https://bugzilla.suse.com/1165241", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-9428", }, { cve: "CVE-2020-9429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-9429", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-9429", url: "https://www.suse.com/security/cve/CVE-2020-9429", }, { category: "external", summary: "SUSE Bug 1165241 for CVE-2020-9429", url: "https://bugzilla.suse.com/1165241", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-9429", }, { cve: "CVE-2020-9430", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-9430", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-9430", url: "https://www.suse.com/security/cve/CVE-2020-9430", }, { category: "external", summary: "SUSE Bug 1165241 for CVE-2020-9430", url: "https://bugzilla.suse.com/1165241", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-9430", }, { cve: "CVE-2020-9431", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-9431", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-9431", url: "https://www.suse.com/security/cve/CVE-2020-9431", }, { category: "external", summary: "SUSE Bug 1165241 for CVE-2020-9431", url: "https://bugzilla.suse.com/1165241", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-9431", }, { cve: "CVE-2021-22173", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22173", }, ], notes: [ { category: "general", text: "Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22173", url: "https://www.suse.com/security/cve/CVE-2021-22173", }, { category: "external", summary: "SUSE Bug 1181598 for CVE-2021-22173", url: "https://bugzilla.suse.com/1181598", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22173", }, { cve: "CVE-2021-22174", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22174", }, ], notes: [ { category: "general", text: "Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22174", url: "https://www.suse.com/security/cve/CVE-2021-22174", }, { category: "external", summary: "SUSE Bug 1181599 for CVE-2021-22174", url: "https://bugzilla.suse.com/1181599", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22174", }, { cve: "CVE-2021-22191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22191", }, ], notes: [ { category: "general", text: "Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22191", url: "https://www.suse.com/security/cve/CVE-2021-22191", }, { category: "external", summary: "SUSE Bug 1183353 for CVE-2021-22191", url: "https://bugzilla.suse.com/1183353", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-22191", }, { cve: "CVE-2021-22207", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22207", }, ], notes: [ { category: "general", text: "Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22207", url: "https://www.suse.com/security/cve/CVE-2021-22207", }, { category: "external", summary: "SUSE Bug 1185128 for CVE-2021-22207", url: "https://bugzilla.suse.com/1185128", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22207", }, { cve: "CVE-2021-22235", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22235", }, ], notes: [ { category: "general", text: "Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-22235", url: "https://www.suse.com/security/cve/CVE-2021-22235", }, { category: "external", summary: "SUSE Bug 1188375 for CVE-2021-22235", url: "https://bugzilla.suse.com/1188375", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwireshark14-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwiretap11-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.s390x", "openSUSE Tumbleweed:libwsutil12-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-devel-3.4.8-1.2.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-3.4.8-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2021-22235", }, ], }
opensuse-su-2020:2076-1
Vulnerability from csaf_opensuse
Published
2020-11-27 09:28
Modified
2020-11-27 09:28
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark fixes the following issues:
- wireshark was updated to 3.2.8:
- CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)
- CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)
* Infinite memory allocation while parsing this tcp packet
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-2076
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "This update for wireshark fixes the following issues:\n\n- wireshark was updated to 3.2.8:\n - CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)\n - CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)\n * Infinite memory allocation while parsing this tcp packet\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-2076", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2076-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:2076-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5P4NEYKGIIBUWVHMTUJCIGGFEUIWBFC7/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:2076-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5P4NEYKGIIBUWVHMTUJCIGGFEUIWBFC7/", }, { category: "self", summary: "SUSE Bug 1177406", url: "https://bugzilla.suse.com/1177406", }, { category: "self", summary: "SUSE Bug 1178291", url: "https://bugzilla.suse.com/1178291", }, { category: "self", summary: "SUSE CVE CVE-2020-26575 page", url: "https://www.suse.com/security/cve/CVE-2020-26575/", }, { category: "self", summary: "SUSE CVE CVE-2020-28030 page", url: "https://www.suse.com/security/cve/CVE-2020-28030/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2020-11-27T09:28:05Z", generator: { date: "2020-11-27T09:28:05Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:2076-1", initial_release_date: "2020-11-27T09:28:05Z", revision_history: [ { date: "2020-11-27T09:28:05Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libwireshark13-3.2.8-lp152.2.9.1.i586", product: { name: "libwireshark13-3.2.8-lp152.2.9.1.i586", product_id: "libwireshark13-3.2.8-lp152.2.9.1.i586", }, }, { category: "product_version", name: "libwiretap10-3.2.8-lp152.2.9.1.i586", product: { name: "libwiretap10-3.2.8-lp152.2.9.1.i586", product_id: "libwiretap10-3.2.8-lp152.2.9.1.i586", }, }, { category: "product_version", name: "libwsutil11-3.2.8-lp152.2.9.1.i586", product: { name: "libwsutil11-3.2.8-lp152.2.9.1.i586", product_id: "libwsutil11-3.2.8-lp152.2.9.1.i586", }, }, { category: "product_version", name: "wireshark-3.2.8-lp152.2.9.1.i586", product: { name: "wireshark-3.2.8-lp152.2.9.1.i586", product_id: "wireshark-3.2.8-lp152.2.9.1.i586", }, }, { category: "product_version", name: "wireshark-devel-3.2.8-lp152.2.9.1.i586", product: { name: "wireshark-devel-3.2.8-lp152.2.9.1.i586", product_id: "wireshark-devel-3.2.8-lp152.2.9.1.i586", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", product: { name: "wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", product_id: "wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.8-lp152.2.9.1.x86_64", product: { name: "libwireshark13-3.2.8-lp152.2.9.1.x86_64", product_id: "libwireshark13-3.2.8-lp152.2.9.1.x86_64", }, }, { category: "product_version", name: "libwiretap10-3.2.8-lp152.2.9.1.x86_64", product: { name: "libwiretap10-3.2.8-lp152.2.9.1.x86_64", product_id: "libwiretap10-3.2.8-lp152.2.9.1.x86_64", }, }, { category: "product_version", name: "libwsutil11-3.2.8-lp152.2.9.1.x86_64", product: { name: "libwsutil11-3.2.8-lp152.2.9.1.x86_64", product_id: "libwsutil11-3.2.8-lp152.2.9.1.x86_64", }, }, { category: "product_version", name: "wireshark-3.2.8-lp152.2.9.1.x86_64", product: { name: "wireshark-3.2.8-lp152.2.9.1.x86_64", product_id: "wireshark-3.2.8-lp152.2.9.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-3.2.8-lp152.2.9.1.x86_64", product: { name: "wireshark-devel-3.2.8-lp152.2.9.1.x86_64", product_id: "wireshark-devel-3.2.8-lp152.2.9.1.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", product: { name: "wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", product_id: "wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.2", product: { name: "openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-lp152.2.9.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.i586", }, product_reference: "libwireshark13-3.2.8-lp152.2.9.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-lp152.2.9.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.x86_64", }, product_reference: "libwireshark13-3.2.8-lp152.2.9.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-lp152.2.9.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.i586", }, product_reference: "libwiretap10-3.2.8-lp152.2.9.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-lp152.2.9.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.x86_64", }, product_reference: "libwiretap10-3.2.8-lp152.2.9.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-lp152.2.9.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.i586", }, product_reference: "libwsutil11-3.2.8-lp152.2.9.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-lp152.2.9.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.x86_64", }, product_reference: "libwsutil11-3.2.8-lp152.2.9.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-lp152.2.9.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.i586", }, product_reference: "wireshark-3.2.8-lp152.2.9.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-lp152.2.9.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.x86_64", }, product_reference: "wireshark-3.2.8-lp152.2.9.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-lp152.2.9.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.i586", }, product_reference: "wireshark-devel-3.2.8-lp152.2.9.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-lp152.2.9.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.x86_64", }, product_reference: "wireshark-devel-3.2.8-lp152.2.9.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-lp152.2.9.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", }, product_reference: "wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", }, product_reference: "wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-26575", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26575", }, ], notes: [ { category: "general", text: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26575", url: "https://www.suse.com/security/cve/CVE-2020-26575", }, { category: "external", summary: "SUSE Bug 1177406 for CVE-2020-26575", url: "https://bugzilla.suse.com/1177406", }, { category: "external", summary: "SUSE Bug 1178290 for CVE-2020-26575", url: "https://bugzilla.suse.com/1178290", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-27T09:28:05Z", details: "moderate", }, ], title: "CVE-2020-26575", }, { cve: "CVE-2020-28030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-28030", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-28030", url: "https://www.suse.com/security/cve/CVE-2020-28030", }, { category: "external", summary: "SUSE Bug 1178291 for CVE-2020-28030", url: "https://bugzilla.suse.com/1178291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwireshark13-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwiretap10-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:libwsutil11-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-devel-3.2.8-lp152.2.9.1.x86_64", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.i586", "openSUSE Leap 15.2:wireshark-ui-qt-3.2.8-lp152.2.9.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-27T09:28:05Z", details: "moderate", }, ], title: "CVE-2020-28030", }, ], }
suse-su-2020:3376-1
Vulnerability from csaf_suse
Published
2020-11-19 08:29
Modified
2020-11-19 08:29
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark fixes the following issues:
- wireshark was updated to 3.2.8:
- CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)
- CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)
* Infinite memory allocation while parsing this tcp packet
Patchnames
SUSE-2020-3376,SUSE-SLE-Module-Basesystem-15-SP1-2020-3376,SUSE-SLE-Module-Basesystem-15-SP2-2020-3376,SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-3376,SUSE-SLE-Module-Desktop-Applications-15-SP2-2020-3376
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "This update for wireshark fixes the following issues:\n\n- wireshark was updated to 3.2.8:\n - CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop (bsc#1177406)\n - CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing (bsc#1178291)\n * Infinite memory allocation while parsing this tcp packet\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3376,SUSE-SLE-Module-Basesystem-15-SP1-2020-3376,SUSE-SLE-Module-Basesystem-15-SP2-2020-3376,SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-3376,SUSE-SLE-Module-Desktop-Applications-15-SP2-2020-3376", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3376-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3376-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203376-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3376-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007794.html", }, { category: "self", summary: "SUSE Bug 1177406", url: "https://bugzilla.suse.com/1177406", }, { category: "self", summary: "SUSE Bug 1178291", url: "https://bugzilla.suse.com/1178291", }, { category: "self", summary: "SUSE CVE CVE-2020-26575 page", url: "https://www.suse.com/security/cve/CVE-2020-26575/", }, { category: "self", summary: "SUSE CVE CVE-2020-28030 page", url: "https://www.suse.com/security/cve/CVE-2020-28030/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2020-11-19T08:29:31Z", generator: { date: "2020-11-19T08:29:31Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3376-1", initial_release_date: "2020-11-19T08:29:31Z", revision_history: [ { date: "2020-11-19T08:29:31Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libwireshark13-3.2.8-3.44.1.aarch64", product: { name: "libwireshark13-3.2.8-3.44.1.aarch64", product_id: "libwireshark13-3.2.8-3.44.1.aarch64", }, }, { category: "product_version", name: "libwiretap10-3.2.8-3.44.1.aarch64", product: { name: "libwiretap10-3.2.8-3.44.1.aarch64", product_id: "libwiretap10-3.2.8-3.44.1.aarch64", }, }, { category: "product_version", name: "libwsutil11-3.2.8-3.44.1.aarch64", product: { name: "libwsutil11-3.2.8-3.44.1.aarch64", product_id: "libwsutil11-3.2.8-3.44.1.aarch64", }, }, { category: "product_version", name: "wireshark-3.2.8-3.44.1.aarch64", product: { name: "wireshark-3.2.8-3.44.1.aarch64", product_id: "wireshark-3.2.8-3.44.1.aarch64", }, }, { category: "product_version", name: "wireshark-devel-3.2.8-3.44.1.aarch64", product: { name: "wireshark-devel-3.2.8-3.44.1.aarch64", product_id: "wireshark-devel-3.2.8-3.44.1.aarch64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.8-3.44.1.aarch64", product: { name: "wireshark-ui-qt-3.2.8-3.44.1.aarch64", product_id: "wireshark-ui-qt-3.2.8-3.44.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.8-3.44.1.i586", product: { name: "libwireshark13-3.2.8-3.44.1.i586", product_id: "libwireshark13-3.2.8-3.44.1.i586", }, }, { category: "product_version", name: "libwiretap10-3.2.8-3.44.1.i586", product: { name: "libwiretap10-3.2.8-3.44.1.i586", product_id: "libwiretap10-3.2.8-3.44.1.i586", }, }, { category: "product_version", name: "libwsutil11-3.2.8-3.44.1.i586", product: { name: "libwsutil11-3.2.8-3.44.1.i586", product_id: "libwsutil11-3.2.8-3.44.1.i586", }, }, { category: "product_version", name: "wireshark-3.2.8-3.44.1.i586", product: { name: "wireshark-3.2.8-3.44.1.i586", product_id: "wireshark-3.2.8-3.44.1.i586", }, }, { category: "product_version", name: "wireshark-devel-3.2.8-3.44.1.i586", product: { name: "wireshark-devel-3.2.8-3.44.1.i586", product_id: "wireshark-devel-3.2.8-3.44.1.i586", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.8-3.44.1.i586", product: { name: "wireshark-ui-qt-3.2.8-3.44.1.i586", product_id: "wireshark-ui-qt-3.2.8-3.44.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.8-3.44.1.ppc64le", product: { name: "libwireshark13-3.2.8-3.44.1.ppc64le", product_id: "libwireshark13-3.2.8-3.44.1.ppc64le", }, }, { category: "product_version", name: "libwiretap10-3.2.8-3.44.1.ppc64le", product: { name: "libwiretap10-3.2.8-3.44.1.ppc64le", product_id: "libwiretap10-3.2.8-3.44.1.ppc64le", }, }, { category: "product_version", name: "libwsutil11-3.2.8-3.44.1.ppc64le", product: { name: "libwsutil11-3.2.8-3.44.1.ppc64le", product_id: "libwsutil11-3.2.8-3.44.1.ppc64le", }, }, { category: "product_version", name: "wireshark-3.2.8-3.44.1.ppc64le", product: { name: "wireshark-3.2.8-3.44.1.ppc64le", product_id: "wireshark-3.2.8-3.44.1.ppc64le", }, }, { category: "product_version", name: "wireshark-devel-3.2.8-3.44.1.ppc64le", product: { name: "wireshark-devel-3.2.8-3.44.1.ppc64le", product_id: "wireshark-devel-3.2.8-3.44.1.ppc64le", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.8-3.44.1.ppc64le", product: { name: "wireshark-ui-qt-3.2.8-3.44.1.ppc64le", product_id: "wireshark-ui-qt-3.2.8-3.44.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.8-3.44.1.s390x", product: { name: "libwireshark13-3.2.8-3.44.1.s390x", product_id: "libwireshark13-3.2.8-3.44.1.s390x", }, }, { category: "product_version", name: "libwiretap10-3.2.8-3.44.1.s390x", product: { name: "libwiretap10-3.2.8-3.44.1.s390x", product_id: "libwiretap10-3.2.8-3.44.1.s390x", }, }, { category: "product_version", name: "libwsutil11-3.2.8-3.44.1.s390x", product: { name: "libwsutil11-3.2.8-3.44.1.s390x", product_id: "libwsutil11-3.2.8-3.44.1.s390x", }, }, { category: "product_version", name: "wireshark-3.2.8-3.44.1.s390x", product: { name: "wireshark-3.2.8-3.44.1.s390x", product_id: "wireshark-3.2.8-3.44.1.s390x", }, }, { category: "product_version", name: "wireshark-devel-3.2.8-3.44.1.s390x", product: { name: "wireshark-devel-3.2.8-3.44.1.s390x", product_id: "wireshark-devel-3.2.8-3.44.1.s390x", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.8-3.44.1.s390x", product: { name: "wireshark-ui-qt-3.2.8-3.44.1.s390x", product_id: "wireshark-ui-qt-3.2.8-3.44.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libwireshark13-3.2.8-3.44.1.x86_64", product: { name: "libwireshark13-3.2.8-3.44.1.x86_64", product_id: "libwireshark13-3.2.8-3.44.1.x86_64", }, }, { category: "product_version", name: "libwiretap10-3.2.8-3.44.1.x86_64", product: { name: "libwiretap10-3.2.8-3.44.1.x86_64", product_id: "libwiretap10-3.2.8-3.44.1.x86_64", }, }, { category: "product_version", name: "libwsutil11-3.2.8-3.44.1.x86_64", product: { name: "libwsutil11-3.2.8-3.44.1.x86_64", product_id: "libwsutil11-3.2.8-3.44.1.x86_64", }, }, { category: "product_version", name: "wireshark-3.2.8-3.44.1.x86_64", product: { name: "wireshark-3.2.8-3.44.1.x86_64", product_id: "wireshark-3.2.8-3.44.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-3.2.8-3.44.1.x86_64", product: { name: "wireshark-devel-3.2.8-3.44.1.x86_64", product_id: "wireshark-devel-3.2.8-3.44.1.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-3.2.8-3.44.1.x86_64", product: { name: "wireshark-ui-qt-3.2.8-3.44.1.x86_64", product_id: "wireshark-ui-qt-3.2.8-3.44.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product: { name: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-desktop-applications:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product: { name: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-desktop-applications:15:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.aarch64", }, product_reference: "libwireshark13-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.ppc64le", }, product_reference: "libwireshark13-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.s390x", }, product_reference: "libwireshark13-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.x86_64", }, product_reference: "libwireshark13-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.aarch64", }, product_reference: "libwiretap10-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.ppc64le", }, product_reference: "libwiretap10-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.s390x", }, product_reference: "libwiretap10-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.x86_64", }, product_reference: "libwiretap10-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.aarch64", }, product_reference: "libwsutil11-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.ppc64le", }, product_reference: "libwsutil11-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.s390x", }, product_reference: "libwsutil11-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.x86_64", }, product_reference: "libwsutil11-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.aarch64", }, product_reference: "wireshark-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.ppc64le", }, product_reference: "wireshark-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.s390x", }, product_reference: "wireshark-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.x86_64", }, product_reference: "wireshark-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.aarch64", }, product_reference: "libwireshark13-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.ppc64le", }, product_reference: "libwireshark13-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.s390x", }, product_reference: "libwireshark13-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwireshark13-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.x86_64", }, product_reference: "libwireshark13-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.aarch64", }, product_reference: "libwiretap10-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.ppc64le", }, product_reference: "libwiretap10-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.s390x", }, product_reference: "libwiretap10-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwiretap10-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.x86_64", }, product_reference: "libwiretap10-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.aarch64", }, product_reference: "libwsutil11-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.ppc64le", }, product_reference: "libwsutil11-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.s390x", }, product_reference: "libwsutil11-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "libwsutil11-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.x86_64", }, product_reference: "libwsutil11-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.aarch64", }, product_reference: "wireshark-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.ppc64le", }, product_reference: "wireshark-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.s390x", }, product_reference: "wireshark-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.x86_64", }, product_reference: "wireshark-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.aarch64", }, product_reference: "wireshark-devel-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.ppc64le", }, product_reference: "wireshark-devel-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.s390x", }, product_reference: "wireshark-devel-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.x86_64", }, product_reference: "wireshark-devel-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.aarch64", }, product_reference: "wireshark-ui-qt-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", }, product_reference: "wireshark-ui-qt-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.s390x", }, product_reference: "wireshark-ui-qt-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.x86_64", }, product_reference: "wireshark-ui-qt-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.aarch64", }, product_reference: "wireshark-devel-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.ppc64le", }, product_reference: "wireshark-devel-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.s390x", }, product_reference: "wireshark-devel-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.x86_64", }, product_reference: "wireshark-devel-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.aarch64", }, product_reference: "wireshark-ui-qt-3.2.8-3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", }, product_reference: "wireshark-ui-qt-3.2.8-3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-3.44.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.s390x", }, product_reference: "wireshark-ui-qt-3.2.8-3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-3.2.8-3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.x86_64", }, product_reference: "wireshark-ui-qt-3.2.8-3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Desktop Applications 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-26575", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-26575", }, ], notes: [ { category: "general", text: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-26575", url: "https://www.suse.com/security/cve/CVE-2020-26575", }, { category: "external", summary: "SUSE Bug 1177406 for CVE-2020-26575", url: "https://bugzilla.suse.com/1177406", }, { category: "external", summary: "SUSE Bug 1178290 for CVE-2020-26575", url: "https://bugzilla.suse.com/1178290", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-19T08:29:31Z", details: "moderate", }, ], title: "CVE-2020-26575", }, { cve: "CVE-2020-28030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-28030", }, ], notes: [ { category: "general", text: "In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-28030", url: "https://www.suse.com/security/cve/CVE-2020-28030", }, { category: "external", summary: "SUSE Bug 1178291 for CVE-2020-28030", url: "https://bugzilla.suse.com/1178291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwireshark13-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwiretap10-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:libwsutil11-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:wireshark-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:wireshark-ui-qt-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-devel-3.2.8-3.44.1.x86_64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.aarch64", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.ppc64le", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.s390x", "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:wireshark-ui-qt-3.2.8-3.44.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-19T08:29:31Z", details: "moderate", }, ], title: "CVE-2020-28030", }, ], }
fkie_cve-2020-26575
Vulnerability from fkie_nvd
Published
2020-10-06 15:15
Modified
2024-11-21 05:20
Severity ?
Summary
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wireshark | wireshark | * | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| debian | debian_linux | 9.0 | |
| oracle | zfs_storage_appliance_firmware | 8.8 | |
| oracle | zfs_storage_appliance | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", matchCriteriaId: "E1F39650-692D-4C46-B8EE-562776D6FA83", versionEndIncluding: "3.2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:zfs_storage_appliance_firmware:8.8:*:*:*:*:*:*:*", matchCriteriaId: "9DFA9ECF-AA1E-440C-A445-F2A21C94FCEA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:oracle:zfs_storage_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "79699341-FB18-4271-AA97-DAE164587E08", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", }, { lang: "es", value: "En Wireshark versiones hasta 3.2.7, el Facebook Zero Protocol (también se conoce como FBZERO), podría entrar en un bucle infinito. Esto fue abordado en el archivo epan/dissectors/packet-fbzero.c corrigiendo la implementación del avance de compensación", }, ], id: "CVE-2020-26575", lastModified: "2024-11-21T05:20:06.840", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-06T15:15:15.553", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16887", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-08", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16887", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-835", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2020-26575
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-26575", description: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", id: "GSD-2020-26575", references: [ "https://www.suse.com/security/cve/CVE-2020-26575.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-26575", ], details: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", id: "GSD-2020-26575", modified: "2023-12-13T01:22:09.188333Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26575", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://gitlab.com/wireshark/wireshark/-/issues/16887", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/issues/16887", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", }, { name: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", refsource: "MISC", url: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", }, { name: "GLSA-202011-08", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202011-08", }, { name: "FEDORA-2020-4cff262f07", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/", }, { name: "FEDORA-2020-d4344dd12f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", refsource: "CONFIRM", url: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", }, { name: "[debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "3.2.7", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:oracle:zfs_storage_appliance_firmware:8.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:oracle:zfs_storage_appliance:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-26575", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-835", }, ], }, ], }, references: { reference_data: [ { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/472", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/471", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/473", }, { name: "https://gitlab.com/wireshark/wireshark/-/issues/16887", refsource: "MISC", tags: [ "Broken Link", ], url: "https://gitlab.com/wireshark/wireshark/-/issues/16887", }, { name: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/merge_requests/467", }, { name: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab", }, { name: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", refsource: "CONFIRM", tags: [ "Vendor Advisory", ], url: "https://www.wireshark.org/security/wnpa-sec-2020-14.html", }, { name: "GLSA-202011-08", refsource: "GENTOO", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-08", }, { name: "FEDORA-2020-4cff262f07", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/", }, { name: "FEDORA-2020-d4344dd12f", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2667E6WKVE56G66BVBVD7LJPIDOJ7K3/", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "[debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2021-02-11T14:48Z", publishedDate: "2020-10-06T15:15Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.