Debian update for wireshark



Risk Medium
Patch available YES
Number of vulnerabilities 13
CVE-ID CVE-2023-0666
CVE-2023-0668
CVE-2023-1161
CVE-2023-1992
CVE-2023-1993
CVE-2023-1994
CVE-2023-2854
CVE-2023-2855
CVE-2023-2856
CVE-2023-2857
CVE-2023-2858
CVE-2023-2879
CVE-2023-2952
CWE-ID CWE-20
CWE-400
CWE-835
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Debian Linux
Operating systems & Components / Operating system

wireshark (Debian package)
Operating systems & Components / Operating system package or component

Vendor Debian

Security Bulletin

This security bulletin contains information about 13 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU76496

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0666

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the RTPS dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU76497

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0668

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the IEEE C37.118 Synchrophasor dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU72732

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1161

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within ISO 15765 and ISO 10681 dissectors. A remote attacker can pass specially crafted traffic to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU75053

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1992

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in RPC over RDMA dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource exhaustion

EUVDB-ID: #VU75052

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1993

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in LISP dissector. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU75051

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1994

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in GQUIC dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU76495

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2854

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in BLF file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Input validation error

EUVDB-ID: #VU76490

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2855

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in Candump log file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Input validation error

EUVDB-ID: #VU76494

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2856

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in VMS TCPIPtrace file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Input validation error

EUVDB-ID: #VU76491

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2857

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in BLF file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Input validation error

EUVDB-ID: #VU76493

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2858

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in NetScaler file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Infinite loop

EUVDB-ID: #VU76492

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2879

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the GDSDB dissector. A remote attacker can pass specially crafted input to the application, consume all available system resources and cause denial of service conditions.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Infinite loop

EUVDB-ID: #VU76498

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2952

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the XRA dissector. A remote attacker can pass specially crafted input to the application, consume all available system resources and cause denial of service conditions.

Mitigation

Update wireshark package to version 4.0.6-1~deb12u1.

Vulnerable software versions

Debian Linux: All versions

wireshark (Debian package): before 4.0.6-1~deb12u1

CPE2.3 External links

http://www.debian.org/security/2023/dsa-5429


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###