Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 568
Alerts This Week
Warning Icon 1 568

Debian 10 Buster: DLA-3443-1 Critical: Wireshark Crash Issues

debian lts
Calendar Grey June 3, 2023
Dist Debian Esm H88
Essential patches for Wireshark in Debian LTS released to tackle several crash vulnerabilities. Updates advised for improved system reliability.
Several vulnerabilities were fixed in the network traffic analyzer Wireshark

Summary

CVE-2023-2856

VMS TCPIPtrace file parser crash

CVE-2023-2858

NetScaler file parser crash

CVE-2023-2879

GDSDB infinite loop

CVE-2023-2952

XRA dissector infinite loop

For Debian 10 buster, these problems have been fixed in version
2.6.20-0+deb10u7.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/wireshark

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
critical
Lowest
Low
Medium
High
Critical

Package: wireshark
Version: 2.6.20-0+deb10u7
CVE ID: CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2952

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.