Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia 9 MGASA-2024-0206: Critical Wireshark DoS Issues Fixed

mageia
Calendar Grey June 3, 2024
Dist Mageia Esm H88
Mageia's MGASA-2024-0207 advisory highlights significant flaws in the OpenSSL library, focusing on serious security vulnerabilities that could lead to information exposure.
Memory handling issue in editcap could cause denial of service via crafted capture file

Summary

Memory handling issue in editcap could cause denial of service via crafted capture file. (CVE-2024-4853) MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file. (CVE-2024-4854) Use after free issue in editcap could cause denial of service via crafted capture file. (CVE-2024-4855)

References

- https://bugs.mageia.org/show_bug.cgi?id=33258

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/

- https://www.cve.org/CVERecord?id=CVE-2024-4853

- https://www.cve.org/CVERecord?id=CVE-2024-4854

- https://www.cve.org/CVERecord?id=CVE-2024-4855

Topics%20covered

Topics Covered

security advisory denial of service security fixes Wireshark Mageia

Resolution

SRPMS

- 9/core/wireshark-4.0.15-1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 03 Jun 2024
URL: https://advisories.mageia.org/MGASA-2024-0206.html
Type: security
CVE: CVE-2024-4853, CVE-2024-4854, CVE-2024-4855

Topics%20covered

Topics Covered

security advisory denial of service security fixes Wireshark Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here