{"affected":[{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.13-40.22.1","libwiretap6":"2.2.13-40.22.1","libwscodecs1":"2.2.13-40.22.1","libwsutil7":"2.2.13-40.22.1","wireshark":"2.2.13-40.22.1","wireshark-devel":"2.2.13-40.22.1","wireshark-gtk":"2.2.13-40.22.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 11 SP4","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.13-40.22.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.13-40.22.1","libwiretap6":"2.2.13-40.22.1","libwscodecs1":"2.2.13-40.22.1","libwsutil7":"2.2.13-40.22.1","wireshark":"2.2.13-40.22.1","wireshark-gtk":"2.2.13-40.22.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.13-40.22.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libwireshark8":"2.2.13-40.22.1","libwiretap6":"2.2.13-40.22.1","libwscodecs1":"2.2.13-40.22.1","libwsutil7":"2.2.13-40.22.1","wireshark":"2.2.13-40.22.1","wireshark-gtk":"2.2.13-40.22.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 11 SP4","name":"wireshark","purl":"pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.2.13-40.22.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for wireshark fixes the following issues:\n\nSecurity issue fixed (bsc#1082692):\n\n- CVE-2018-7335: The IEEE 802.11 dissector could crash (wnpa-sec-2018-05)\n- CVE-2018-7321: thrift long dissector loop (dissect_thrift_map)\n- CVE-2018-7322: DICOM: inifinite loop (dissect_dcm_tag) \n- CVE-2018-7323: WCCP: very long loop (dissect_wccp2_alternate_mask_value_set_element) \n- CVE-2018-7324: SCCP: infinite loop (dissect_sccp_optional_parameters) \n- CVE-2018-7325: RPKI-Router Protocol: infinite loop (dissect_rpkirtr_pdu) \n- CVE-2018-7326: LLTD: infinite loop (dissect_lltd_tlv) \n- CVE-2018-7327: openflow_v6: infinite loop (dissect_openflow_bundle_control_v6) \n- CVE-2018-7328: USB-DARWIN: long loop (dissect_darwin_usb_iso_transfer) \n- CVE-2018-7329: S7COMM: infinite loop (s7comm_decode_ud_cpu_alarm_main) \n- CVE-2018-7330: thread_meshcop: infinite loop (get_chancount) \n- CVE-2018-7331: GTP: infinite loop (dissect_gprscdr_GGSNPDPRecord, dissect_ber_set) \n- CVE-2018-7332: RELOAD: infinite loop (dissect_statans) \n- CVE-2018-7333: RPCoRDMA: infinite loop in get_write_list_chunk_count\n- CVE-2018-7421: Multiple dissectors could go into large infinite loops (wnpa-sec-2018-06)\n- CVE-2018-7334: The UMTS MAC dissector could crash (wnpa-sec-2018-07)\n- CVE-2018-7337: The DOCSIS dissector could crash (wnpa-sec-2018-08)\n- CVE-2018-7336: The FCP dissector could crash (wnpa-sec-2018-09)\n- CVE-2018-7320: The SIGCOMP dissector could crash (wnpa-sec-2018-10)\n- CVE-2018-7420: The pcapng file parser could crash (wnpa-sec-2018-11)\n- CVE-2018-7417: The IPMI dissector could crash (wnpa-sec-2018-12)\n- CVE-2018-7418: The SIGCOMP dissector could crash (wnpa-sec-2018-13)\n- CVE-2018-7419: The NBAP disssector could crash (wnpa-sec-2018-14)\n- CVE-2017-17997: Misuse of NULL pointer in MRDISC dissector (bsc#1077080).\n","id":"SUSE-SU-2018:0867-1","modified":"2018-04-03T16:43:26Z","published":"2018-04-03T16:43:26Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180867-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1077080"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082692"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-17997"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7320"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7321"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7322"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7323"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7324"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7325"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7326"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7327"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7328"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7329"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7330"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7331"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7332"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7333"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7334"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7335"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7336"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7337"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7417"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7418"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7419"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7420"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-7421"}],"related":["CVE-2017-17997","CVE-2018-7320","CVE-2018-7321","CVE-2018-7322","CVE-2018-7323","CVE-2018-7324","CVE-2018-7325","CVE-2018-7326","CVE-2018-7327","CVE-2018-7328","CVE-2018-7329","CVE-2018-7330","CVE-2018-7331","CVE-2018-7332","CVE-2018-7333","CVE-2018-7334","CVE-2018-7335","CVE-2018-7336","CVE-2018-7337","CVE-2018-7417","CVE-2018-7418","CVE-2018-7419","CVE-2018-7420","CVE-2018-7421"],"summary":"Security update for wireshark","upstream":["CVE-2017-17997","CVE-2018-7320","CVE-2018-7321","CVE-2018-7322","CVE-2018-7323","CVE-2018-7324","CVE-2018-7325","CVE-2018-7326","CVE-2018-7327","CVE-2018-7328","CVE-2018-7329","CVE-2018-7330","CVE-2018-7331","CVE-2018-7332","CVE-2018-7333","CVE-2018-7334","CVE-2018-7335","CVE-2018-7336","CVE-2018-7337","CVE-2018-7417","CVE-2018-7418","CVE-2018-7419","CVE-2018-7420","CVE-2018-7421"]}