Security update for wireshark SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1676-1 Final 1 1 2015-09-16T11:51:22Z current 2015-09-16T11:51:22Z 2015-09-16T11:51:22Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark Wireshark has been updated to 1.12.7. (FATE#319388) The following vulnerabilities have been fixed: * Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241 * Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242 * Wireshark could crash when searching for a protocol dissector. wnpa-sec-2015-23 CVE-2015-6243 * The ZigBee dissector could crash. wnpa-sec-2015-24 CVE-2015-6244 * The GSM RLC/MAC dissector could go into an infinite loop. wnpa-sec-2015-25 CVE-2015-6245 * The WaveAgent dissector could crash. wnpa-sec-2015-26 CVE-2015-6246 * The OpenFlow dissector could go into an infinite loop. wnpa-sec-2015-27 CVE-2015-6247 * Wireshark could crash due to invalid ptvcursor length checking. wnpa-sec-2015-28 CVE-2015-6248 * The WCCP dissector could crash. wnpa-sec-2015-29 CVE-2015-6249 * Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html Also a fix from 1.12.6 in GSM DTAP was backported. (bnc#935158 CVE-2015-4652) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-wireshark-1127-12112,sdksp4-wireshark-1127-12112,slessp3-wireshark-1127-12112,slessp4-wireshark-1127-12112 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ Link for SUSE-SU-2015:1676-1 https://lists.suse.com/pipermail/sle-security-updates/2015-October/001609.html E-Mail link for SUSE-SU-2015:1676-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/935158 SUSE Bug 935158 https://bugzilla.suse.com/941500 SUSE Bug 941500 https://www.suse.com/security/cve/CVE-2015-3813/ SUSE CVE CVE-2015-3813 page https://www.suse.com/security/cve/CVE-2015-4652/ SUSE CVE CVE-2015-4652 page https://www.suse.com/security/cve/CVE-2015-6241/ SUSE CVE CVE-2015-6241 page https://www.suse.com/security/cve/CVE-2015-6242/ SUSE CVE CVE-2015-6242 page https://www.suse.com/security/cve/CVE-2015-6243/ SUSE CVE CVE-2015-6243 page https://www.suse.com/security/cve/CVE-2015-6244/ SUSE CVE CVE-2015-6244 page https://www.suse.com/security/cve/CVE-2015-6245/ SUSE CVE CVE-2015-6245 page https://www.suse.com/security/cve/CVE-2015-6246/ SUSE CVE CVE-2015-6246 page https://www.suse.com/security/cve/CVE-2015-6247/ SUSE CVE CVE-2015-6247 page https://www.suse.com/security/cve/CVE-2015-6248/ SUSE CVE CVE-2015-6248 page https://www.suse.com/security/cve/CVE-2015-6249/ SUSE CVE CVE-2015-6249 page SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 wireshark-1.12.7-0.5.3 wireshark-devel-1.12.7-0.5.3 wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server 11 SP3 wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server 11 SP4 wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 wireshark-devel-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 wireshark-devel-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet. CVE-2015-3813 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-3813.html CVE-2015-3813 https://bugzilla.suse.com/930689 SUSE Bug 930689 epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions. CVE-2015-4652 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-4652.html CVE-2015-4652 https://bugzilla.suse.com/935158 SUSE Bug 935158 The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. CVE-2015-6241 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6241.html CVE-2015-6241 https://bugzilla.suse.com/941500 SUSE Bug 941500 The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet. CVE-2015-6242 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6242.html CVE-2015-6242 https://bugzilla.suse.com/941500 SUSE Bug 941500 The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions. CVE-2015-6243 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6243.html CVE-2015-6243 https://bugzilla.suse.com/941500 SUSE Bug 941500 The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. CVE-2015-6244 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6244.html CVE-2015-6244 https://bugzilla.suse.com/941500 SUSE Bug 941500 epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. CVE-2015-6245 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6245.html CVE-2015-6245 https://bugzilla.suse.com/941500 SUSE Bug 941500 The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. CVE-2015-6246 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6246.html CVE-2015-6246 https://bugzilla.suse.com/941500 SUSE Bug 941500 The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. CVE-2015-6247 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6247.html CVE-2015-6247 https://bugzilla.suse.com/941500 SUSE Bug 941500 The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. CVE-2015-6248 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6248.html CVE-2015-6248 https://bugzilla.suse.com/941500 SUSE Bug 941500 The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. CVE-2015-6249 SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3 SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/ https://www.suse.com/security/cve/CVE-2015-6249.html CVE-2015-6249 https://bugzilla.suse.com/941500 SUSE Bug 941500