Vulnerability from csaf_suse
Published
2018-10-18 12:48
Modified
2018-10-18 12:48
Summary
Security update for wireshark

Notes

Title of the patch
Security update for wireshark
Description of the patch
This update for wireshark to version 2.4.9 fixes the following issues: Wireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514). Security issues fixed: - CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44) - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45) - CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46) - CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301). - CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802) - CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794) - CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301). - CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301). - CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301). - CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777) - CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786) - CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804) - CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776) - CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301). - CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788) - CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301). - CVE-2018-11356: Fix DNS dissector crash (bsc#1094301). - CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810) - CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301). - CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791) - CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301). - CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800) Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html
Patchnames
SUSE-SLE-SERVER-12-SP2-BCL-2018-2051
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).



{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "moderate",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for wireshark",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "This update for wireshark to version 2.4.9 fixes the following issues:\n\nWireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514).\n\nSecurity issues fixed:\n\n- CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44)\n- CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45)\n- CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46)\n- CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301).\n- CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802)\n- CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794)\n- CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301).\n- CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301).\n- CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).\n- CVE-2018-14342: BGP dissector large loop (wnpa-sec-2018-34, bsc#1101777)\n- CVE-2018-14343: ASN.1 BER dissector crash (wnpa-sec-2018-37, bsc#1101786)\n- CVE-2018-14340: Multiple dissectors could crash (wnpa-sec-2018-36, bsc#1101804)\n- CVE-2018-14341: DICOM dissector crash (wnpa-sec-2018-39, bsc#1101776)\n- CVE-2018-11358: Fix Q.931 dissector crash (bsc#1094301).\n- CVE-2018-14344: ISMP dissector crash (wnpa-sec-2018-35, bsc#1101788)\n- CVE-2018-11359: Fix multiple dissectors crashs (bsc#1094301).\n- CVE-2018-11356: Fix DNS dissector crash (bsc#1094301).\n- CVE-2018-14339: MMSE dissector infinite loop (wnpa-sec-2018-38, bsc#1101810)\n- CVE-2018-11357: Fix multiple dissectors that could consume excessive memory (bsc#1094301).\n- CVE-2018-14367: CoAP dissector crash (wnpa-sec-2018-42, bsc#1101791)\n- CVE-2018-11354: Fix IEEE 1905.1a dissector crash (bsc#1094301).\n- CVE-2018-14369: HTTP2 dissector crash (wnpa-sec-2018-41, bsc#1101800)\n\nFurther bug fixes and updated protocol support as listed in:\n  https://www.wireshark.org/docs/relnotes/wireshark-2.4.9.html\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-SLE-SERVER-12-SP2-BCL-2018-2051",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2891-2.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2018:2891-2",
            url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182891-2/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2018:2891-2",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004690.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1094301",
            url: "https://bugzilla.suse.com/1094301",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101776",
            url: "https://bugzilla.suse.com/1101776",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101777",
            url: "https://bugzilla.suse.com/1101777",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101786",
            url: "https://bugzilla.suse.com/1101786",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101788",
            url: "https://bugzilla.suse.com/1101788",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101791",
            url: "https://bugzilla.suse.com/1101791",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101794",
            url: "https://bugzilla.suse.com/1101794",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101800",
            url: "https://bugzilla.suse.com/1101800",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101802",
            url: "https://bugzilla.suse.com/1101802",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101804",
            url: "https://bugzilla.suse.com/1101804",
         },
         {
            category: "self",
            summary: "SUSE Bug 1101810",
            url: "https://bugzilla.suse.com/1101810",
         },
         {
            category: "self",
            summary: "SUSE Bug 1106514",
            url: "https://bugzilla.suse.com/1106514",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11354 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11354/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11355 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11355/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11356 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11356/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11357 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11357/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11358 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11358/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11359 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11359/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11360 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11360/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11361 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11361/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-11362 page",
            url: "https://www.suse.com/security/cve/CVE-2018-11362/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14339 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14339/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14340 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14340/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14341 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14341/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14342 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14342/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14343 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14343/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14344 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14344/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14367 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14367/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14368 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14368/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14369 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14369/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-14370 page",
            url: "https://www.suse.com/security/cve/CVE-2018-14370/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-16056 page",
            url: "https://www.suse.com/security/cve/CVE-2018-16056/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-16057 page",
            url: "https://www.suse.com/security/cve/CVE-2018-16057/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2018-16058 page",
            url: "https://www.suse.com/security/cve/CVE-2018-16058/",
         },
      ],
      title: "Security update for wireshark",
      tracking: {
         current_release_date: "2018-10-18T12:48:30Z",
         generator: {
            date: "2018-10-18T12:48:30Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2018:2891-2",
         initial_release_date: "2018-10-18T12:48:30Z",
         revision_history: [
            {
               date: "2018-10-18T12:48:30Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "libwireshark9-2.4.9-48.29.1.x86_64",
                        product: {
                           name: "libwireshark9-2.4.9-48.29.1.x86_64",
                           product_id: "libwireshark9-2.4.9-48.29.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwiretap7-2.4.9-48.29.1.x86_64",
                        product: {
                           name: "libwiretap7-2.4.9-48.29.1.x86_64",
                           product_id: "libwiretap7-2.4.9-48.29.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwscodecs1-2.4.9-48.29.1.x86_64",
                        product: {
                           name: "libwscodecs1-2.4.9-48.29.1.x86_64",
                           product_id: "libwscodecs1-2.4.9-48.29.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "libwsutil8-2.4.9-48.29.1.x86_64",
                        product: {
                           name: "libwsutil8-2.4.9-48.29.1.x86_64",
                           product_id: "libwsutil8-2.4.9-48.29.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "wireshark-2.4.9-48.29.1.x86_64",
                        product: {
                           name: "wireshark-2.4.9-48.29.1.x86_64",
                           product_id: "wireshark-2.4.9-48.29.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "wireshark-gtk-2.4.9-48.29.1.x86_64",
                        product: {
                           name: "wireshark-gtk-2.4.9-48.29.1.x86_64",
                           product_id: "wireshark-gtk-2.4.9-48.29.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 12 SP2-BCL",
                        product: {
                           name: "SUSE Linux Enterprise Server 12 SP2-BCL",
                           product_id: "SUSE Linux Enterprise Server 12 SP2-BCL",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles-bcl:12:sp2",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwireshark9-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
               product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
            },
            product_reference: "libwireshark9-2.4.9-48.29.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwiretap7-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
               product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
            },
            product_reference: "libwiretap7-2.4.9-48.29.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwscodecs1-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
               product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
            },
            product_reference: "libwscodecs1-2.4.9-48.29.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "libwsutil8-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
               product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
            },
            product_reference: "libwsutil8-2.4.9-48.29.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "wireshark-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
               product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
            },
            product_reference: "wireshark-2.4.9-48.29.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "wireshark-gtk-2.4.9-48.29.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
               product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            },
            product_reference: "wireshark-gtk-2.4.9-48.29.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2018-11354",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11354",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11354",
               url: "https://www.suse.com/security/cve/CVE-2018-11354",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11354",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11354",
      },
      {
         cve: "CVE-2018-11355",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11355",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11355",
               url: "https://www.suse.com/security/cve/CVE-2018-11355",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11355",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11355",
      },
      {
         cve: "CVE-2018-11356",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11356",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11356",
               url: "https://www.suse.com/security/cve/CVE-2018-11356",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11356",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11356",
      },
      {
         cve: "CVE-2018-11357",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11357",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11357",
               url: "https://www.suse.com/security/cve/CVE-2018-11357",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11357",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11357",
      },
      {
         cve: "CVE-2018-11358",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11358",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11358",
               url: "https://www.suse.com/security/cve/CVE-2018-11358",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11358",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11358",
      },
      {
         cve: "CVE-2018-11359",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11359",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11359",
               url: "https://www.suse.com/security/cve/CVE-2018-11359",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11359",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11359",
      },
      {
         cve: "CVE-2018-11360",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11360",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a buffer overflow.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11360",
               url: "https://www.suse.com/security/cve/CVE-2018-11360",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11360",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11360",
      },
      {
         cve: "CVE-2018-11361",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11361",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11361",
               url: "https://www.suse.com/security/cve/CVE-2018-11361",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11361",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11361",
      },
      {
         cve: "CVE-2018-11362",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-11362",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\\0' character.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-11362",
               url: "https://www.suse.com/security/cve/CVE-2018-11362",
            },
            {
               category: "external",
               summary: "SUSE Bug 1094301 for CVE-2018-11362",
               url: "https://bugzilla.suse.com/1094301",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "moderate",
            },
         ],
         title: "CVE-2018-11362",
      },
      {
         cve: "CVE-2018-14339",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14339",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14339",
               url: "https://www.suse.com/security/cve/CVE-2018-14339",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101810 for CVE-2018-14339",
               url: "https://bugzilla.suse.com/1101810",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14339",
      },
      {
         cve: "CVE-2018-14340",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14340",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14340",
               url: "https://www.suse.com/security/cve/CVE-2018-14340",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101804 for CVE-2018-14340",
               url: "https://bugzilla.suse.com/1101804",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14340",
      },
      {
         cve: "CVE-2018-14341",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14341",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14341",
               url: "https://www.suse.com/security/cve/CVE-2018-14341",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101776 for CVE-2018-14341",
               url: "https://bugzilla.suse.com/1101776",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14341",
      },
      {
         cve: "CVE-2018-14342",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14342",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14342",
               url: "https://www.suse.com/security/cve/CVE-2018-14342",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101777 for CVE-2018-14342",
               url: "https://bugzilla.suse.com/1101777",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14342",
      },
      {
         cve: "CVE-2018-14343",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14343",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14343",
               url: "https://www.suse.com/security/cve/CVE-2018-14343",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101786 for CVE-2018-14343",
               url: "https://bugzilla.suse.com/1101786",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14343",
      },
      {
         cve: "CVE-2018-14344",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14344",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14344",
               url: "https://www.suse.com/security/cve/CVE-2018-14344",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101788 for CVE-2018-14344",
               url: "https://bugzilla.suse.com/1101788",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14344",
      },
      {
         cve: "CVE-2018-14367",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14367",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14367",
               url: "https://www.suse.com/security/cve/CVE-2018-14367",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101791 for CVE-2018-14367",
               url: "https://bugzilla.suse.com/1101791",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14367",
      },
      {
         cve: "CVE-2018-14368",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14368",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14368",
               url: "https://www.suse.com/security/cve/CVE-2018-14368",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101794 for CVE-2018-14368",
               url: "https://bugzilla.suse.com/1101794",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14368",
      },
      {
         cve: "CVE-2018-14369",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14369",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14369",
               url: "https://www.suse.com/security/cve/CVE-2018-14369",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101800 for CVE-2018-14369",
               url: "https://bugzilla.suse.com/1101800",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14369",
      },
      {
         cve: "CVE-2018-14370",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-14370",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-14370",
               url: "https://www.suse.com/security/cve/CVE-2018-14370",
            },
            {
               category: "external",
               summary: "SUSE Bug 1101802 for CVE-2018-14370",
               url: "https://bugzilla.suse.com/1101802",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "low",
            },
         ],
         title: "CVE-2018-14370",
      },
      {
         cve: "CVE-2018-16056",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-16056",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-16056",
               url: "https://www.suse.com/security/cve/CVE-2018-16056",
            },
            {
               category: "external",
               summary: "SUSE Bug 1106514 for CVE-2018-16056",
               url: "https://bugzilla.suse.com/1106514",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "important",
            },
         ],
         title: "CVE-2018-16056",
      },
      {
         cve: "CVE-2018-16057",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-16057",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-16057",
               url: "https://www.suse.com/security/cve/CVE-2018-16057",
            },
            {
               category: "external",
               summary: "SUSE Bug 1106514 for CVE-2018-16057",
               url: "https://bugzilla.suse.com/1106514",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "important",
            },
         ],
         title: "CVE-2018-16057",
      },
      {
         cve: "CVE-2018-16058",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2018-16058",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2018-16058",
               url: "https://www.suse.com/security/cve/CVE-2018-16058",
            },
            {
               category: "external",
               summary: "SUSE Bug 1106514 for CVE-2018-16058",
               url: "https://bugzilla.suse.com/1106514",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwireshark9-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwiretap7-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwscodecs1-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:libwsutil8-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-2.4.9-48.29.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP2-BCL:wireshark-gtk-2.4.9-48.29.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2018-10-18T12:48:30Z",
               details: "important",
            },
         ],
         title: "CVE-2018-16058",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.