SUSE update for wireshark



Published: 2024-09-19
Risk Medium
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2020-26421
CVE-2024-8250
CWE-ID CWE-125
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		SUSE Linux Enterprise Software Development Kit 12
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 12
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 12
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 12
Operating systems & Components / Operating system

libwireshark9-debuginfo
Operating systems & Components / Operating system package or component

libwsutil8-debuginfo
Operating systems & Components / Operating system package or component

wireshark-gtk
Operating systems & Components / Operating system package or component

wireshark
Operating systems & Components / Operating system package or component

libwsutil8
Operating systems & Components / Operating system package or component

libwiretap7-debuginfo
Operating systems & Components / Operating system package or component

wireshark-gtk-debuginfo
Operating systems & Components / Operating system package or component

libwiretap7
Operating systems & Components / Operating system package or component

libwireshark9
Operating systems & Components / Operating system package or component

libwscodecs1-debuginfo
Operating systems & Components / Operating system package or component

libwscodecs1
Operating systems & Components / Operating system package or component

wireshark-devel
Operating systems & Components / Operating system package or component

wireshark-debuginfo
Operating systems & Components / Operating system package or component

wireshark-debugsource
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU49036

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-26421

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

Mitigation

Update the affected package wireshark to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Software Development Kit 12: SP5

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

libwireshark9-debuginfo: before 2.4.16-48.57.1

libwsutil8-debuginfo: before 2.4.16-48.57.1

wireshark-gtk: before 2.4.16-48.57.1

wireshark: before 2.4.16-48.57.1

libwsutil8: before 2.4.16-48.57.1

libwiretap7-debuginfo: before 2.4.16-48.57.1

wireshark-gtk-debuginfo: before 2.4.16-48.57.1

libwiretap7: before 2.4.16-48.57.1

libwireshark9: before 2.4.16-48.57.1

libwscodecs1-debuginfo: before 2.4.16-48.57.1

libwscodecs1: before 2.4.16-48.57.1

wireshark-devel: before 2.4.16-48.57.1

wireshark-debuginfo: before 2.4.16-48.57.1

wireshark-debugsource: before 2.4.16-48.57.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243323-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU96609

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-8250

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in NTLMSSP dissector. A remote attacker can send specially crafted packets via the network and perform a denial of service (DoS) attack.

Mitigation

Update the affected package wireshark to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Software Development Kit 12: SP5

SUSE Linux Enterprise Server for SAP Applications 12: SP5

SUSE Linux Enterprise Server 12: SP5

SUSE Linux Enterprise High Performance Computing 12: SP5

libwireshark9-debuginfo: before 2.4.16-48.57.1

libwsutil8-debuginfo: before 2.4.16-48.57.1

wireshark-gtk: before 2.4.16-48.57.1

wireshark: before 2.4.16-48.57.1

libwsutil8: before 2.4.16-48.57.1

libwiretap7-debuginfo: before 2.4.16-48.57.1

wireshark-gtk-debuginfo: before 2.4.16-48.57.1

libwiretap7: before 2.4.16-48.57.1

libwireshark9: before 2.4.16-48.57.1

libwscodecs1-debuginfo: before 2.4.16-48.57.1

libwscodecs1: before 2.4.16-48.57.1

wireshark-devel: before 2.4.16-48.57.1

wireshark-debuginfo: before 2.4.16-48.57.1

wireshark-debugsource: before 2.4.16-48.57.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20243323-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###