Main Vulnerability Database SB2024090957

SB2024090957 - SUSE update for wireshark

Published: September 9, 2024

Security Bulletin ID SB2024090957

Severity

High

Patch available

YES

Number of vulnerabilities 11

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2023-0414)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the EAP dissector. A remote attacker can pass specially crafted traffic to the application and perform a denial of service (DoS) attack.

2) Input validation error (CVE-ID: CVE-2023-0666)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the RTPS dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

3) Input validation error (CVE-ID: CVE-2023-2854)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in BLF file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

4) Input validation error (CVE-ID: CVE-2023-3649)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in iSCSI dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

5) Memory leak (CVE-ID: CVE-2023-5371)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the RTPS dissector. A remote attacker can send specially crafted traffic to the system and perform a denial of service attack.

6) Resource exhaustion (CVE-ID: CVE-2023-6174)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the SSH dissector. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

7) Heap-based buffer overflow (CVE-ID: CVE-2023-6175)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the NetScreen file parser. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

8) Input validation error (CVE-ID: CVE-2024-0207)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the HTTP3 dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

9) Input validation error (CVE-ID: CVE-2024-0210)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the Zigbee TLV dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

10) Input validation error (CVE-ID: CVE-2024-0211)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the DOCSIS dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

11) Input validation error (CVE-ID: CVE-2024-2955)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the T.38 dissector. A remote attacker can send specially crafted traffic and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2024/suse-su-20243165-1/

Vulnerable Software

Desktop Applications Module: 15-SP6
Basesystem Module: 15-SP6
SUSE Linux Enterprise Real Time 15: SP6
openSUSE Leap: 15.6
SUSE Linux Enterprise Server for SAP Applications 15: SP6
SUSE Linux Enterprise Server 15: SP6
SUSE Linux Enterprise Desktop 15: SP6
wireshark-ui-qt-debuginfo: before 4.2.6-150600.18.6.1
wireshark-debugsource: before 4.2.6-150600.18.6.1
libwiretap14-debuginfo: before 4.2.6-150600.18.6.1
libwireshark17-debuginfo: before 4.2.6-150600.18.6.1
libwsutil15: before 4.2.6-150600.18.6.1
libwsutil15-debuginfo: before 4.2.6-150600.18.6.1
libwireshark17: before 4.2.6-150600.18.6.1
wireshark-ui-qt: before 4.2.6-150600.18.6.1
wireshark: before 4.2.6-150600.18.6.1
libwiretap14: before 4.2.6-150600.18.6.1
wireshark-debuginfo: before 4.2.6-150600.18.6.1
wireshark-devel: before 4.2.6-150600.18.6.1

SB2024090957 - SUSE update for wireshark

Breakdown by Severity

Description

Remediation

References

Please verify you're human