Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

SUSE: 2018:2891-1 Moderate: Wireshark Dissector Crash Issues

suse
Calendar Grey September 27, 2018
Scroller Suse
SUSE Security Update: Addresses 22 vulnerabilities in Wireshark. Critical software upgrade ready for installation.
An update that fixes 22 vulnerabilities is now available

Summary

This update for wireshark to version 2.4.9 fixes the following issues: Wireshark was updated to 2.4.9 (bsc#1094301, bsc#1106514). Security issues fixed: - CVE-2018-16058: Bluetooth AVDTP dissector crash (wnpa-sec-2018-44) - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash (wnpa-sec-2018-45) - CVE-2018-16057: Radiotap dissector crash (wnpa-sec-2018-46) - CVE-2018-11355: Fix RTCP dissector crash (bsc#1094301). - CVE-2018-14370: IEEE 802.11 dissector crash (wnpa-sec-2018-43, bsc#1101802) - CVE-2018-14368: Bazaar dissector infinite loop (wnpa-sec-2018-40, bsc#1101794) - CVE-2018-11362: Fix LDSS dissector crash (bsc#1094301). - CVE-2018-11361: Fix IEEE 802.11 dissector crash (bsc#1094301). - CVE-2018-11360: Fix GSM A DTAP dissector crash (bsc#1094301).

References

#1094301 #1101776 #1101777 #1101786 #1101788

#1101791 #1101794 #1101800 #1101802 #1101804

#1101810 #1106514

Cross- CVE-2018-11354 CVE-2018-11355 CVE-2018-11356

CVE-2018-11357 CVE-2018-11358 CVE-2018-11359

CVE-2018-11360 CVE-2018-11361 CVE-2018-11362

CVE-2018-14339 CVE-2018-14340 CVE-2018-14341

CVE-2018-14342 CVE-2018-14343 CVE-2018-14344

CVE-2018-14367 CVE-2018-14368 CVE-2018-14369

CVE-2018-14370 CVE-2018-16056 CVE-2018-16057

CVE-2018-16058

Affected Products:

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server for SAP 12-SP1

SUSE Linux Enterprise Server 12-SP3

SUSE Linux Enterprise Server 12-SP2...

Read the Full Advisory

Announcement ID: SUSE-SU-2018:2891-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.