{"affected":[{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.6-44.3","libwiretap6":"2.2.6-44.3","libwscodecs1":"2.2.6-44.3","libwsutil7":"2.2.6-44.3","wireshark":"2.2.6-44.3","wireshark-gtk":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.6-44.3","libwiretap6":"2.2.6-44.3","libwscodecs1":"2.2.6-44.3","libwsutil7":"2.2.6-44.3","wireshark":"2.2.6-44.3","wireshark-gtk":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP2","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.6-44.3","libwiretap6":"2.2.6-44.3","libwscodecs1":"2.2.6-44.3","libwsutil7":"2.2.6-44.3","wireshark":"2.2.6-44.3","wireshark-gtk":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"wireshark-devel":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP1","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"wireshark-devel":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP2","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.6-44.3","libwiretap6":"2.2.6-44.3","libwscodecs1":"2.2.6-44.3","libwsutil7":"2.2.6-44.3","wireshark":"2.2.6-44.3","wireshark-gtk":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP1","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.6-44.3","libwiretap6":"2.2.6-44.3","libwscodecs1":"2.2.6-44.3","libwsutil7":"2.2.6-44.3","wireshark":"2.2.6-44.3","wireshark-gtk":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.6-44.3","libwiretap6":"2.2.6-44.3","libwscodecs1":"2.2.6-44.3","libwsutil7":"2.2.6-44.3","wireshark":"2.2.6-44.3","wireshark-gtk":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.6-44.3","libwiretap6":"2.2.6-44.3","libwscodecs1":"2.2.6-44.3","libwsutil7":"2.2.6-44.3","wireshark":"2.2.6-44.3","wireshark-gtk":"2.2.6-44.3"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.6-44.3"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nWireshark was updated to version 2.2.6, which brings several new features, enhancements\nand bug fixes.\n\nThses security issues were fixed:\n\n- CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size (bsc#1033936)\n- CVE-2017-7701: In Wireshark the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type (bsc#1033937)\n- CVE-2017-7702: In Wireshark the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation (bsc#1033938)\n- CVE-2017-7703: In Wireshark the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly (bsc#1033939)\n- CVE-2017-7704: In Wireshark the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value (bsc#1033940)\n- CVE-2017-7705: In Wireshark the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset (bsc#1033941)\n- CVE-2017-7745: In Wireshark the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check (bsc#1033942)\n- CVE-2017-7746: In Wireshark the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining length (bsc#1033943)\n- CVE-2017-7747: In Wireshark the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree (bsc#1033944)\n- CVE-2017-7748: In Wireshark the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check (bsc#1033945)\n- CVE-2017-6014: In Wireshark a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory (bsc#1025913)\n- CVE-2017-5596: In Wireshark the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow (bsc#1021739)\n- CVE-2017-5597: In Wireshark the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow (bsc#1021739)\n- CVE-2016-9376: In Wireshark the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large (bsc#1010735)\n- CVE-2016-9375: In Wireshark the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful (bsc#1010740)\n- CVE-2016-9374: In Wireshark the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable (bsc#1010752)\n- CVE-2016-9373: In Wireshark the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings (bsc#1010754)\n- CVE-2016-7180: epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark did not properly consider whether a string is constant, which allowed remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet (bsc#998800)\n- CVE-2016-7179: Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark allowed remote attackers to cause a denial of service (application crash) via a crafted packet (bsc#998963)\n- CVE-2016-7178: epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark did not ensure that memory is allocated for certain data structures, which allowed remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet (bsc#998964)\n- CVE-2016-7177: epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark did not restrict the number of channels, which allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet (bsc#998763)\n- CVE-2016-7176: epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark called snprintf with one of its input buffers as the output buffer, which allowed remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet (bsc#998762)\n- CVE-2016-7175: epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark mishandled MAC address data, which allowed remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet (bsc#998761)\n- CVE-2016-6354: Heap-based buffer overflow in the yy_get_next_buffer function in Flex might have allowed context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read (bsc#990856).\n","id":"SUSE-SU-2017:1442-1","modified":"2017-05-30T11:22:49Z","published":"2017-05-30T11:22:49Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20171442-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1002981"},{"type":"REPORT","url":"https://bugzilla.suse.com/1010735"},{"type":"REPORT","url":"https://bugzilla.suse.com/1010740"},{"type":"REPORT","url":"https://bugzilla.suse.com/1010752"},{"type":"REPORT","url":"https://bugzilla.suse.com/1010754"},{"type":"REPORT","url":"https://bugzilla.suse.com/1010911"},{"type":"REPORT","url":"https://bugzilla.suse.com/1021739"},{"type":"REPORT","url":"https://bugzilla.suse.com/1025913"},{"type":"REPORT","url":"https://bugzilla.suse.com/1026507"},{"type":"REPORT","url":"https://bugzilla.suse.com/1027692"},{"type":"REPORT","url":"https://bugzilla.suse.com/1027998"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033936"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033937"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033938"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033939"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033940"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033941"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033943"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033944"},{"type":"REPORT","url":"https://bugzilla.suse.com/1033945"},{"type":"REPORT","url":"https://bugzilla.suse.com/990856"},{"type":"REPORT","url":"https://bugzilla.suse.com/998761"},{"type":"REPORT","url":"https://bugzilla.suse.com/998762"},{"type":"REPORT","url":"https://bugzilla.suse.com/998763"},{"type":"REPORT","url":"https://bugzilla.suse.com/998800"},{"type":"REPORT","url":"https://bugzilla.suse.com/998963"},{"type":"REPORT","url":"https://bugzilla.suse.com/998964"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-6354"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-7175"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-7176"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-7177"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-7178"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-7179"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-7180"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9373"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9374"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9375"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9376"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5596"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5597"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-6014"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7700"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7701"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7702"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7703"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7704"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7705"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7745"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7746"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7747"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-7748"}],"related":["CVE-2016-6354","CVE-2016-7175","CVE-2016-7176","CVE-2016-7177","CVE-2016-7178","CVE-2016-7179","CVE-2016-7180","CVE-2016-9373","CVE-2016-9374","CVE-2016-9375","CVE-2016-9376","CVE-2017-5596","CVE-2017-5597","CVE-2017-6014","CVE-2017-7700","CVE-2017-7701","CVE-2017-7702","CVE-2017-7703","CVE-2017-7704","CVE-2017-7705","CVE-2017-7745","CVE-2017-7746","CVE-2017-7747","CVE-2017-7748"],"summary":"Security update for wireshark","upstream":["CVE-2016-6354","CVE-2016-7175","CVE-2016-7176","CVE-2016-7177","CVE-2016-7178","CVE-2016-7179","CVE-2016-7180","CVE-2016-9373","CVE-2016-9374","CVE-2016-9375","CVE-2016-9376","CVE-2017-5596","CVE-2017-5597","CVE-2017-6014","CVE-2017-7700","CVE-2017-7701","CVE-2017-7702","CVE-2017-7703","CVE-2017-7704","CVE-2017-7705","CVE-2017-7745","CVE-2017-7746","CVE-2017-7747","CVE-2017-7748"]}