Security update for wireshark SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:0660-1 Final 1 1 2016-03-05T19:43:07Z current 2016-03-05T19:43:07Z 2016-03-05T19:43:07Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark Wireshark was updated to 1.12.10, fixing a number issues in protocol dissectors that could have allowed a remote attacker to crash Wireshark or cause excessive CPU usage through specially crafted packages inserted into the network or a capture file, specifically: - CVE-2016-2523: DNP dissector infinite loop (wnpa-sec-2016-03) - CVE-2016-2530: RSL dissector crash (wnpa-sec-2016-10) - CVE-2016-2531: RSL dissector crash (wnpa-sec-2016-10) - CVE-2016-2532: LLRP dissector crash (wnpa-sec-2016-11) - GSM A-bis OML dissector crash (wnpa-sec-2016-14) - ASN.1 BER dissector crash (wnpa-sec-2016-15) - ASN.1 BER dissector crash (wnpa-sec-2016-18) Further bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-1.12.10.html The following non-security bugs were fixed: - boo#961170: Recommend wireshark-ui instead of requiring it to support text-only used The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-03/msg00015.html E-Mail link for openSUSE-SU-2016:0660-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 wireshark-1.12.10-17.1 wireshark-devel-1.12.10-17.1 wireshark-ui-gtk-1.12.10-17.1 wireshark-ui-qt-1.12.10-17.1 wireshark-1.12.10-17.1 as a component of openSUSE Leap 42.1 wireshark-devel-1.12.10-17.1 as a component of openSUSE Leap 42.1 wireshark-ui-gtk-1.12.10-17.1 as a component of openSUSE Leap 42.1 wireshark-ui-qt-1.12.10-17.1 as a component of openSUSE Leap 42.1 The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in the DNP3 dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. CVE-2016-2523 openSUSE Leap 42.1:wireshark-1.12.10-17.1 openSUSE Leap 42.1:wireshark-devel-1.12.10-17.1 openSUSE Leap 42.1:wireshark-ui-gtk-1.12.10-17.1 openSUSE Leap 42.1:wireshark-ui-qt-1.12.10-17.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00015.html https://www.suse.com/security/cve/CVE-2016-2523.html CVE-2016-2523 https://bugzilla.suse.com/968565 SUSE Bug 968565 The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 mishandles the case of an unrecognized TLV type, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet, a different vulnerability than CVE-2016-2531. CVE-2016-2530 openSUSE Leap 42.1:wireshark-1.12.10-17.1 openSUSE Leap 42.1:wireshark-devel-1.12.10-17.1 openSUSE Leap 42.1:wireshark-ui-gtk-1.12.10-17.1 openSUSE Leap 42.1:wireshark-ui-qt-1.12.10-17.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00015.html https://www.suse.com/security/cve/CVE-2016-2530.html CVE-2016-2530 https://bugzilla.suse.com/968565 SUSE Bug 968565 Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that triggers a 0xff tag value, a different vulnerability than CVE-2016-2530. CVE-2016-2531 openSUSE Leap 42.1:wireshark-1.12.10-17.1 openSUSE Leap 42.1:wireshark-devel-1.12.10-17.1 openSUSE Leap 42.1:wireshark-ui-gtk-1.12.10-17.1 openSUSE Leap 42.1:wireshark-ui-qt-1.12.10-17.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00015.html https://www.suse.com/security/cve/CVE-2016-2531.html CVE-2016-2531 https://bugzilla.suse.com/968565 SUSE Bug 968565 The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet. CVE-2016-2532 openSUSE Leap 42.1:wireshark-1.12.10-17.1 openSUSE Leap 42.1:wireshark-devel-1.12.10-17.1 openSUSE Leap 42.1:wireshark-ui-gtk-1.12.10-17.1 openSUSE Leap 42.1:wireshark-ui-qt-1.12.10-17.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-03/msg00015.html https://www.suse.com/security/cve/CVE-2016-2532.html CVE-2016-2532 https://bugzilla.suse.com/968565 SUSE Bug 968565