suse-su-2018:2891-2
Vulnerability from csaf_suse
Published
2018-10-18 12:48
Modified
2018-10-18 12:48
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark to version 2.4.9 fixes the following issues:
Wireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514).
Security issues fixed:
- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)
- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)
- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)
- CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301).
- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)
- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)
- CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301).
- CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301).
- CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).
- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)
- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)
- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)
- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)
- CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301).
- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)
- CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301).
- CVE-2018-11356: Fix DNS dissector crash (bsc#1094301).
- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)
- CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301).
- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)
- CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301).
- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html
Patchnames
SUSE-SLE-SERVER-12-SP2-BCL-2018-2051
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for wireshark",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for wireshark to version 2.4.9 fixes the following issues:\n\nWireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514).\n\nSecurity issues fixed:\n\n- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)\n- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)\n- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)\n- CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301).\n- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)\n- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)\n- CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301).\n- CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301).\n- CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).\n- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)\n- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)\n- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)\n- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)\n- CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301).\n- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)\n- CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301).\n- CVE-2018-11356: Fix DNS dissector crash (bsc#1094301).\n- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)\n- CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301).\n- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)\n- CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301).\n- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)\n\nFurther bug fixes and updated protocol support as listed in:\n https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-SP2-BCL-2018-2051",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2891-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:2891-2",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182891-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:2891-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004690.html"
},
{
"category": "self",
"summary": "SUSE Bug 1094301",
"url": "https://bugzilla.suse.com/1094301"
},
{
"category": "self",
"summary": "SUSE Bug 1101776",
"url": "https://bugzilla.suse.com/1101776"
},
{
"category": "self",
"summary": "SUSE Bug 1101777",
"url": "https://bugzilla.suse.com/1101777"
},
{
"category": "self",
"summary": "SUSE Bug 1101786",
"url": "https://bugzilla.suse.com/1101786"
},
{
"category": "self",
"summary": "SUSE Bug 1101788",
"url": "https://bugzilla.suse.com/1101788"
},
{
"category": "self",
"summary": "SUSE Bug 1101791",
"url": "https://bugzilla.suse.com/1101791"
},
{
"category": "self",
"summary": "SUSE Bug 1101794",
"url": "https://bugzilla.suse.com/1101794"
},
{
"category": "self",
"summary": "SUSE Bug 1101800",
"url": "https://bugzilla.suse.com/1101800"
},
{
"category": "self",
"summary": "SUSE Bug 1101802",
"url": "https://bugzilla.suse.com/1101802"
},
{
"category": "self",
"summary": "SUSE Bug 1101804",
"url": "https://bugzilla.suse.com/1101804"
},
{
"category": "self",
"summary": "SUSE Bug 1101810",
"url": "https://bugzilla.suse.com/1101810"
},
{
"category": "self",
"summary": "SUSE Bug 1106514",
"url": "https://bugzilla.suse.com/1106514"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11354 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11355 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11356 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11356/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11357 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11357/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11358 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11358/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11359 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11360 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11361 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-11362 page",
"url": "https://www.suse.com/security/cve/CVE-2018-11362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14339 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14340 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14341 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14342 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14342/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14343 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14343/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14344 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14344/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14367 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14368 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14369 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14369/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16056 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16057 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16058 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16058/"
}
],
"title": "Security update for wireshark",
"tracking": {
"current_release_date": "2018-10-18T12:48:30Z",
"generator": {
"date": "2018-10-18T12:48:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:2891-2",
"initial_release_date": "2018-10-18T12:48:30Z",
"revision_history": [
{
"date": "2018-10-18T12:48:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libwireshark9-2.4.9-48.29.1.x86_64",
"product": {
"name": "libwireshark9-2.4.9-48.29.1.x86_64",
"product_id": "libwireshark9-2.4.9-48.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwiretap7-2.4.9-48.29.1.x86_64",
"product": {
"name": "libwiretap7-2.4.9-48.29.1.x86_64",
"product_id": "libwiretap7-2.4.9-48.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwscodecs1-2.4.9-48.29.1.x86_64",
"product": {
"name": "libwscodecs1-2.4.9-48.29.1.x86_64",
"product_id": "libwscodecs1-2.4.9-48.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwsutil8-2.4.9-48.29.1.x86_64",
"product": {
"name": "libwsutil8-2.4.9-48.29.1.x86_64",
"product_id": "libwsutil8-2.4.9-48.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-2.4.9-48.29.1.x86_64",
"product": {
"name": "wireshark-2.4.9-48.29.1.x86_64",
"product_id": "wireshark-2.4.9-48.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "wireshark-gtk-2.4.9-48.29.1.x86_64",
"product": {
"name": "wireshark-gtk-2.4.9-48.29.1.x86_64",
"product_id": "wireshark-gtk-2.4.9-48.29.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libwireshark9-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64"
},
"product_reference": "libwireshark9-2.4.9-48.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwiretap7-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64"
},
"product_reference": "libwiretap7-2.4.9-48.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwscodecs1-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64"
},
"product_reference": "libwscodecs1-2.4.9-48.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwsutil8-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64"
},
"product_reference": "libwsutil8-2.4.9-48.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64"
},
"product_reference": "wireshark-2.4.9-48.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wireshark-gtk-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
},
"product_reference": "wireshark-gtk-2.4.9-48.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11354"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11354",
"url": "https://www.suse.com/security/cve/CVE-2018-11354"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11354",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11354"
},
{
"cve": "CVE-2018-11355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11355"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11355",
"url": "https://www.suse.com/security/cve/CVE-2018-11355"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11355",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11355"
},
{
"cve": "CVE-2018-11356",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11356"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11356",
"url": "https://www.suse.com/security/cve/CVE-2018-11356"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11356",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11356"
},
{
"cve": "CVE-2018-11357",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11357"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11357",
"url": "https://www.suse.com/security/cve/CVE-2018-11357"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11357",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11357"
},
{
"cve": "CVE-2018-11358",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11358"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11358",
"url": "https://www.suse.com/security/cve/CVE-2018-11358"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11358",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11358"
},
{
"cve": "CVE-2018-11359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11359"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11359",
"url": "https://www.suse.com/security/cve/CVE-2018-11359"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11359",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11359"
},
{
"cve": "CVE-2018-11360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11360"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11360",
"url": "https://www.suse.com/security/cve/CVE-2018-11360"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11360",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11360"
},
{
"cve": "CVE-2018-11361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11361"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11361",
"url": "https://www.suse.com/security/cve/CVE-2018-11361"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11361",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11361"
},
{
"cve": "CVE-2018-11362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-11362"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing \u0027\\0\u0027 character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-11362",
"url": "https://www.suse.com/security/cve/CVE-2018-11362"
},
{
"category": "external",
"summary": "SUSE Bug 1094301 for CVE-2018-11362",
"url": "https://bugzilla.suse.com/1094301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-11362"
},
{
"cve": "CVE-2018-14339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14339"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14339",
"url": "https://www.suse.com/security/cve/CVE-2018-14339"
},
{
"category": "external",
"summary": "SUSE Bug 1101810 for CVE-2018-14339",
"url": "https://bugzilla.suse.com/1101810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14339"
},
{
"cve": "CVE-2018-14340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14340"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14340",
"url": "https://www.suse.com/security/cve/CVE-2018-14340"
},
{
"category": "external",
"summary": "SUSE Bug 1101804 for CVE-2018-14340",
"url": "https://bugzilla.suse.com/1101804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14340"
},
{
"cve": "CVE-2018-14341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14341"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14341",
"url": "https://www.suse.com/security/cve/CVE-2018-14341"
},
{
"category": "external",
"summary": "SUSE Bug 1101776 for CVE-2018-14341",
"url": "https://bugzilla.suse.com/1101776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14341"
},
{
"cve": "CVE-2018-14342",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14342"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14342",
"url": "https://www.suse.com/security/cve/CVE-2018-14342"
},
{
"category": "external",
"summary": "SUSE Bug 1101777 for CVE-2018-14342",
"url": "https://bugzilla.suse.com/1101777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14342"
},
{
"cve": "CVE-2018-14343",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14343"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14343",
"url": "https://www.suse.com/security/cve/CVE-2018-14343"
},
{
"category": "external",
"summary": "SUSE Bug 1101786 for CVE-2018-14343",
"url": "https://bugzilla.suse.com/1101786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14343"
},
{
"cve": "CVE-2018-14344",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14344"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14344",
"url": "https://www.suse.com/security/cve/CVE-2018-14344"
},
{
"category": "external",
"summary": "SUSE Bug 1101788 for CVE-2018-14344",
"url": "https://bugzilla.suse.com/1101788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14344"
},
{
"cve": "CVE-2018-14367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14367"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14367",
"url": "https://www.suse.com/security/cve/CVE-2018-14367"
},
{
"category": "external",
"summary": "SUSE Bug 1101791 for CVE-2018-14367",
"url": "https://bugzilla.suse.com/1101791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14367"
},
{
"cve": "CVE-2018-14368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14368"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14368",
"url": "https://www.suse.com/security/cve/CVE-2018-14368"
},
{
"category": "external",
"summary": "SUSE Bug 1101794 for CVE-2018-14368",
"url": "https://bugzilla.suse.com/1101794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14368"
},
{
"cve": "CVE-2018-14369",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14369"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14369",
"url": "https://www.suse.com/security/cve/CVE-2018-14369"
},
{
"category": "external",
"summary": "SUSE Bug 1101800 for CVE-2018-14369",
"url": "https://bugzilla.suse.com/1101800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14369"
},
{
"cve": "CVE-2018-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14370"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14370",
"url": "https://www.suse.com/security/cve/CVE-2018-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1101802 for CVE-2018-14370",
"url": "https://bugzilla.suse.com/1101802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "low"
}
],
"title": "CVE-2018-14370"
},
{
"cve": "CVE-2018-16056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16056"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16056",
"url": "https://www.suse.com/security/cve/CVE-2018-16056"
},
{
"category": "external",
"summary": "SUSE Bug 1106514 for CVE-2018-16056",
"url": "https://bugzilla.suse.com/1106514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "important"
}
],
"title": "CVE-2018-16056"
},
{
"cve": "CVE-2018-16057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16057"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16057",
"url": "https://www.suse.com/security/cve/CVE-2018-16057"
},
{
"category": "external",
"summary": "SUSE Bug 1106514 for CVE-2018-16057",
"url": "https://bugzilla.suse.com/1106514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "important"
}
],
"title": "CVE-2018-16057"
},
{
"cve": "CVE-2018-16058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16058"
}
],
"notes": [
{
"category": "general",
"text": "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16058",
"url": "https://www.suse.com/security/cve/CVE-2018-16058"
},
{
"category": "external",
"summary": "SUSE Bug 1106514 for CVE-2018-16058",
"url": "https://bugzilla.suse.com/1106514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-18T12:48:30Z",
"details": "important"
}
],
"title": "CVE-2018-16058"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…