Updated wireshark packages fix security vulnerabilities
Publication date: 28 Feb 2018Modification date: 10 Apr 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-7320 , CVE-2018-7321 , CVE-2018-7322 , CVE-2018-7323 , CVE-2018-7324 , CVE-2018-7325 , CVE-2018-7326 , CVE-2018-7327 , CVE-2018-7328 , CVE-2018-7329 , CVE-2018-7330 , CVE-2018-7331 , CVE-2018-7332 , CVE-2018-7333 , CVE-2018-7334 , CVE-2018-7335 , CVE-2018-7336 , CVE-2018-7417 , CVE-2018-7418 , CVE-2018-7419 , CVE-2018-7420 , CVE-2018-9256 , CVE-2018-9259 , CVE-2018-9260 , CVE-2018-9261 , CVE-2018-9262 , CVE-2018-9263 , CVE-2018-9264 , CVE-2018-9265 , CVE-2018-9266 , CVE-2018-9267 , CVE-2018-9268 , CVE-2018-9269 , CVE-2018-9270 , CVE-2018-9271 , CVE-2018-9272 , CVE-2018-9273 , CVE-2018-9274
Description
The SIGCOMP dissector could crash (CVE-2018-7320).
Multiple dissectors could go into large infinite loops. All ASN.1 BER
dissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA,
RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB, and WCCP dissectors were
susceptible (CVE-2018-7321,CVE-2018-7322, CVE-2018-7323, CVE-2018-7324,
CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328,
CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332,
CVE-2018-7333).
The UMTS MAC dissector could crash (CVE-2018-7334).
The IEEE 802.11 dissector could crash (CVE-2018-7335)
The FCP dissector could crash (CVE-2018-7336).
The IPMI dissector could crash (CVE-2018-7417).
The SIGCOMP dissector could crash (CVE-2018-7418).
The NBAP disssector could crash (CVE-2018-7419).
The pcapng file parser could crash (CVE-2018-7420).
The LWAPP dissector could crash (CVE-2018-9256).
The MP4 dissector could crash (CVE-2018-9259).
The IEEE 802.15.4 dissector could crash (CVE-2018-9260).
The NBAP dissector could crash (CVE-2018-9261).
The VLAN dissector could crash (CVE-2018-9262).
The Kerberos dissector could crash (CVE-2018-9263).
The ADB dissector could crash (CVE-2018-9264).
Memory leaks in multiple dissectors (CVE-2018-9265, CVE-2018-9266,
CVE-2018-9267, CVE-2018-9268, CVE-2018-9269, CVE-2018-9270,
CVE-2018-9271, CVE-2018-9272, CVE-2018-9273, CVE-2018-9274).
References
- https://bugs.mageia.org/show_bug.cgi?id=22643
- https://www.wireshark.org/security/wnpa-sec-2018-05.html
- https://www.wireshark.org/security/wnpa-sec-2018-06.html
- https://www.wireshark.org/security/wnpa-sec-2018-07.html
- https://www.wireshark.org/security/wnpa-sec-2018-09.html
- https://www.wireshark.org/security/wnpa-sec-2018-10.html
- https://www.wireshark.org/security/wnpa-sec-2018-11.html
- https://www.wireshark.org/security/wnpa-sec-2018-12.html
- https://www.wireshark.org/security/wnpa-sec-2018-13.html
- https://www.wireshark.org/security/wnpa-sec-2018-14.html
- https://www.wireshark.org/security/wnpa-sec-2018-15.html
- https://www.wireshark.org/security/wnpa-sec-2018-16.html
- https://www.wireshark.org/security/wnpa-sec-2018-17.html
- https://www.wireshark.org/security/wnpa-sec-2018-18.html
- https://www.wireshark.org/security/wnpa-sec-2018-19.html
- https://www.wireshark.org/security/wnpa-sec-2018-20.html
- https://www.wireshark.org/security/wnpa-sec-2018-23.html
- https://www.wireshark.org/docs/relnotes/wireshark-2.2.13.html
- https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html
- https://www.wireshark.org/news/20180223.html
- https://www.wireshark.org/news/20180403.html
- https://lists.opensuse.org/opensuse-updates/2018-04/msg00015.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7320
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7321
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7322
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7323
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7324
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7325
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7326
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7327
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7328
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7329
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7330
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7331
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7332
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7333
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7334
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7335
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7336
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7417
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7418
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7419
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7420
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9256
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9259
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9260
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9261
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9262
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9263
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9264
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9265
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9266
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9267
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9268
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9269
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9270
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9271
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9272
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9273
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9274
SRPMS
6/core
- wireshark-2.2.14-1.mga6