Security update for wireshark
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2015:1676-1
Final
1
1
2015-09-16T11:51:22Z
current
2015-09-16T11:51:22Z
2015-09-16T11:51:22Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for wireshark
Wireshark has been updated to 1.12.7. (FATE#319388)
The following vulnerabilities have been fixed:
* Wireshark could crash when adding an item to the protocol tree. wnpa-sec-2015-21 CVE-2015-6241
* Wireshark could attempt to free invalid memory. wnpa-sec-2015-22 CVE-2015-6242
* Wireshark could crash when searching for a protocol dissector. wnpa-sec-2015-23 CVE-2015-6243
* The ZigBee dissector could crash. wnpa-sec-2015-24 CVE-2015-6244
* The GSM RLC/MAC dissector could go into an infinite loop. wnpa-sec-2015-25 CVE-2015-6245
* The WaveAgent dissector could crash. wnpa-sec-2015-26 CVE-2015-6246
* The OpenFlow dissector could go into an infinite loop. wnpa-sec-2015-27 CVE-2015-6247
* Wireshark could crash due to invalid ptvcursor length checking. wnpa-sec-2015-28 CVE-2015-6248
* The WCCP dissector could crash. wnpa-sec-2015-29 CVE-2015-6249
* Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
Also a fix from 1.12.6 in GSM DTAP was backported. (bnc#935158 CVE-2015-4652)
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
sdksp3-wireshark-1127-12112,sdksp4-wireshark-1127-12112,slessp3-wireshark-1127-12112,slessp4-wireshark-1127-12112
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
Link for SUSE-SU-2015:1676-1
https://lists.suse.com/pipermail/sle-security-updates/2015-October/001609.html
E-Mail link for SUSE-SU-2015:1676-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/935158
SUSE Bug 935158
https://bugzilla.suse.com/941500
SUSE Bug 941500
https://www.suse.com/security/cve/CVE-2015-3813/
SUSE CVE CVE-2015-3813 page
https://www.suse.com/security/cve/CVE-2015-4652/
SUSE CVE CVE-2015-4652 page
https://www.suse.com/security/cve/CVE-2015-6241/
SUSE CVE CVE-2015-6241 page
https://www.suse.com/security/cve/CVE-2015-6242/
SUSE CVE CVE-2015-6242 page
https://www.suse.com/security/cve/CVE-2015-6243/
SUSE CVE CVE-2015-6243 page
https://www.suse.com/security/cve/CVE-2015-6244/
SUSE CVE CVE-2015-6244 page
https://www.suse.com/security/cve/CVE-2015-6245/
SUSE CVE CVE-2015-6245 page
https://www.suse.com/security/cve/CVE-2015-6246/
SUSE CVE CVE-2015-6246 page
https://www.suse.com/security/cve/CVE-2015-6247/
SUSE CVE CVE-2015-6247 page
https://www.suse.com/security/cve/CVE-2015-6248/
SUSE CVE CVE-2015-6248 page
https://www.suse.com/security/cve/CVE-2015-6249/
SUSE CVE CVE-2015-6249 page
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP3
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
wireshark-1.12.7-0.5.3
wireshark-devel-1.12.7-0.5.3
wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server 11 SP3
wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA
wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server 11 SP4
wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3
wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4
wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3
wireshark-devel-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3
wireshark-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4
wireshark-devel-1.12.7-0.5.3 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4
The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet.
CVE-2015-3813
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-3813.html
CVE-2015-3813
https://bugzilla.suse.com/930689
SUSE Bug 930689
epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.
CVE-2015-4652
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-4652.html
CVE-2015-4652
https://bugzilla.suse.com/935158
SUSE Bug 935158
The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-6241
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6241.html
CVE-2015-6241
https://bugzilla.suse.com/941500
SUSE Bug 941500
The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet.
CVE-2015-6242
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6242.html
CVE-2015-6242
https://bugzilla.suse.com/941500
SUSE Bug 941500
The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions.
CVE-2015-6243
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6243.html
CVE-2015-6243
https://bugzilla.suse.com/941500
SUSE Bug 941500
The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-6244
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6244.html
CVE-2015-6244
https://bugzilla.suse.com/941500
SUSE Bug 941500
epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
CVE-2015-6245
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6245.html
CVE-2015-6245
https://bugzilla.suse.com/941500
SUSE Bug 941500
The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-6246
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6246.html
CVE-2015-6246
https://bugzilla.suse.com/941500
SUSE Bug 941500
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
CVE-2015-6247
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6247.html
CVE-2015-6247
https://bugzilla.suse.com/941500
SUSE Bug 941500
The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-6248
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6248.html
CVE-2015-6248
https://bugzilla.suse.com/941500
SUSE Bug 941500
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-6249
SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Server for SAP Applications 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-1.12.7-0.5.3
SUSE Linux Enterprise Software Development Kit 11 SP4:wireshark-devel-1.12.7-0.5.3
moderate
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2015/suse-su-20151676-1/
https://www.suse.com/security/cve/CVE-2015-6249.html
CVE-2015-6249
https://bugzilla.suse.com/941500
SUSE Bug 941500