libwireshark14-3.4.10-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11641 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libwireshark14-3.4.10-1.1 on GA media These are all security issues fixed in the libwireshark14-3.4.10-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11641 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11641 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2021-39920/ SUSE CVE CVE-2021-39920 page https://www.suse.com/security/cve/CVE-2021-39921/ SUSE CVE CVE-2021-39921 page https://www.suse.com/security/cve/CVE-2021-39922/ SUSE CVE CVE-2021-39922 page https://www.suse.com/security/cve/CVE-2021-39924/ SUSE CVE CVE-2021-39924 page https://www.suse.com/security/cve/CVE-2021-39925/ SUSE CVE CVE-2021-39925 page https://www.suse.com/security/cve/CVE-2021-39926/ SUSE CVE CVE-2021-39926 page https://www.suse.com/security/cve/CVE-2021-39928/ SUSE CVE CVE-2021-39928 page https://www.suse.com/security/cve/CVE-2021-39929/ SUSE CVE CVE-2021-39929 page openSUSE Tumbleweed libwireshark14-3.4.10-1.1 libwiretap11-3.4.10-1.1 libwsutil12-3.4.10-1.1 wireshark-3.4.10-1.1 wireshark-devel-3.4.10-1.1 wireshark-ui-qt-3.4.10-1.1 libwireshark14-3.4.10-1.1 as a component of openSUSE Tumbleweed libwiretap11-3.4.10-1.1 as a component of openSUSE Tumbleweed libwsutil12-3.4.10-1.1 as a component of openSUSE Tumbleweed wireshark-3.4.10-1.1 as a component of openSUSE Tumbleweed wireshark-devel-3.4.10-1.1 as a component of openSUSE Tumbleweed wireshark-ui-qt-3.4.10-1.1 as a component of openSUSE Tumbleweed NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file CVE-2021-39920 openSUSE Tumbleweed:libwireshark14-3.4.10-1.1 openSUSE Tumbleweed:libwiretap11-3.4.10-1.1 openSUSE Tumbleweed:libwsutil12-3.4.10-1.1 openSUSE Tumbleweed:wireshark-3.4.10-1.1 openSUSE Tumbleweed:wireshark-devel-3.4.10-1.1 openSUSE Tumbleweed:wireshark-ui-qt-3.4.10-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-39920.html CVE-2021-39920 https://bugzilla.suse.com/1192830 SUSE Bug 1192830 NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file CVE-2021-39921 openSUSE Tumbleweed:libwireshark14-3.4.10-1.1 openSUSE Tumbleweed:libwiretap11-3.4.10-1.1 openSUSE Tumbleweed:libwsutil12-3.4.10-1.1 openSUSE Tumbleweed:wireshark-3.4.10-1.1 openSUSE Tumbleweed:wireshark-devel-3.4.10-1.1 openSUSE Tumbleweed:wireshark-ui-qt-3.4.10-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-39921.html CVE-2021-39921 https://bugzilla.suse.com/1192830 SUSE Bug 1192830 Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file CVE-2021-39922 openSUSE Tumbleweed:libwireshark14-3.4.10-1.1 openSUSE Tumbleweed:libwiretap11-3.4.10-1.1 openSUSE Tumbleweed:libwsutil12-3.4.10-1.1 openSUSE Tumbleweed:wireshark-3.4.10-1.1 openSUSE Tumbleweed:wireshark-devel-3.4.10-1.1 openSUSE Tumbleweed:wireshark-ui-qt-3.4.10-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-39922.html CVE-2021-39922 https://bugzilla.suse.com/1192830 SUSE Bug 1192830 Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file CVE-2021-39924 openSUSE Tumbleweed:libwireshark14-3.4.10-1.1 openSUSE Tumbleweed:libwiretap11-3.4.10-1.1 openSUSE Tumbleweed:libwsutil12-3.4.10-1.1 openSUSE Tumbleweed:wireshark-3.4.10-1.1 openSUSE Tumbleweed:wireshark-devel-3.4.10-1.1 openSUSE Tumbleweed:wireshark-ui-qt-3.4.10-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-39924.html CVE-2021-39924 https://bugzilla.suse.com/1192830 SUSE Bug 1192830 Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file CVE-2021-39925 openSUSE Tumbleweed:libwireshark14-3.4.10-1.1 openSUSE Tumbleweed:libwiretap11-3.4.10-1.1 openSUSE Tumbleweed:libwsutil12-3.4.10-1.1 openSUSE Tumbleweed:wireshark-3.4.10-1.1 openSUSE Tumbleweed:wireshark-devel-3.4.10-1.1 openSUSE Tumbleweed:wireshark-ui-qt-3.4.10-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-39925.html CVE-2021-39925 https://bugzilla.suse.com/1192830 SUSE Bug 1192830 Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file CVE-2021-39926 openSUSE Tumbleweed:libwireshark14-3.4.10-1.1 openSUSE Tumbleweed:libwiretap11-3.4.10-1.1 openSUSE Tumbleweed:libwsutil12-3.4.10-1.1 openSUSE Tumbleweed:wireshark-3.4.10-1.1 openSUSE Tumbleweed:wireshark-devel-3.4.10-1.1 openSUSE Tumbleweed:wireshark-ui-qt-3.4.10-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-39926.html CVE-2021-39926 https://bugzilla.suse.com/1192830 SUSE Bug 1192830 NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file CVE-2021-39928 openSUSE Tumbleweed:libwireshark14-3.4.10-1.1 openSUSE Tumbleweed:libwiretap11-3.4.10-1.1 openSUSE Tumbleweed:libwsutil12-3.4.10-1.1 openSUSE Tumbleweed:wireshark-3.4.10-1.1 openSUSE Tumbleweed:wireshark-devel-3.4.10-1.1 openSUSE Tumbleweed:wireshark-ui-qt-3.4.10-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-39928.html CVE-2021-39928 https://bugzilla.suse.com/1192830 SUSE Bug 1192830 Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file CVE-2021-39929 openSUSE Tumbleweed:libwireshark14-3.4.10-1.1 openSUSE Tumbleweed:libwiretap11-3.4.10-1.1 openSUSE Tumbleweed:libwsutil12-3.4.10-1.1 openSUSE Tumbleweed:wireshark-3.4.10-1.1 openSUSE Tumbleweed:wireshark-devel-3.4.10-1.1 openSUSE Tumbleweed:wireshark-ui-qt-3.4.10-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-39929.html CVE-2021-39929 https://bugzilla.suse.com/1192830 SUSE Bug 1192830