Security update for wireshark

Announcement ID: SUSE-SU-2017:1663-1
Rating: moderate
CVSS scores:
  • CVE-2017-9343 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9343 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9344 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9344 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9345 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9345 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9346 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9346 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9347 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9347 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9348 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9348 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9349 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9349 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9350 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9350 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9351 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9351 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9352 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9352 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9353 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9353 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9354 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-9354 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  • SUSE Linux Enterprise Desktop 12 SP2
  • SUSE Linux Enterprise High Performance Computing 12 SP2
  • SUSE Linux Enterprise Server 12 SP2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
  • SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  • SUSE Linux Enterprise Software Development Kit 12 12-SP2

An update that solves 12 vulnerabilities can now be installed.

Description:

The network debugging tool wireshark was updated to version 2.2.7 to fix the following issues:

  • CVE-2017-9352: Bazaar dissector infinite loop (wnpa-sec-2017-22) (bsc#1042304)
  • CVE-2017-9348: DOF dissector read overflow (wnpa-sec-2017-23) (bsc#1042303)
  • CVE-2017-9351: DHCP dissector read overflow (wnpa-sec-2017-24) (bsc#1042302)
  • CVE-2017-9346: SoulSeek dissector infinite loop (wnpa-sec-2017-25) (bsc#1042301)
  • CVE-2017-9345: DNS dissector infinite loop (wnpa-sec-2017-26) (bsc#1042300)
  • CVE-2017-9349: DICOM dissector infinite loop (wnpa-sec-2017-27) (bsc#1042305)
  • CVE-2017-9350: openSAFETY dissector memory exh.. (wnpa-sec-2017-28) (bsc#1042299)
  • CVE-2017-9344: BT L2CAP dissector divide by zero (wnpa-sec-2017-29) (bsc#1042298)
  • CVE-2017-9343: MSNIP dissector crash (wnpa-sec-2017-30) (bsc#1042309)
  • CVE-2017-9347: ROS dissector crash (wnpa-sec-2017-31) (bsc#1042308)
  • CVE-2017-9354: RGMP dissector crash (wnpa-sec-2017-32) (bsc#1042307)
  • CVE-2017-9353: wireshark: IPv6 dissector crash (wnpa-sec-2017-33) (bsc#1042306)

Patch Instructions:

To install this SUSE update, use the SUSE recommended installation methods such as YaST online_update or "zypper patch".
Alternatively, you can run the command listed for your product:

  • SUSE Linux Enterprise Desktop 12 SP2
    zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1031=1
  • SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
    zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1031=1
  • SUSE Linux Enterprise Software Development Kit 12 12-SP2
    zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1031=1
  • SUSE Linux Enterprise High Performance Computing 12 SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1031=1
  • SUSE Linux Enterprise Server 12 SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1031=1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1031=1

Package List:

  • SUSE Linux Enterprise Desktop 12 SP2 (x86_64)
    • libwsutil7-2.2.7-47.1
    • libwiretap6-debuginfo-2.2.7-47.1
    • libwireshark8-debuginfo-2.2.7-47.1
    • wireshark-gtk-2.2.7-47.1
    • wireshark-debuginfo-2.2.7-47.1
    • libwscodecs1-2.2.7-47.1
    • libwireshark8-2.2.7-47.1
    • wireshark-debugsource-2.2.7-47.1
    • wireshark-gtk-debuginfo-2.2.7-47.1
    • libwsutil7-debuginfo-2.2.7-47.1
    • libwscodecs1-debuginfo-2.2.7-47.1
    • wireshark-2.2.7-47.1
    • libwiretap6-2.2.7-47.1
  • SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 (aarch64)
    • libwsutil7-2.2.7-47.1
    • libwiretap6-debuginfo-2.2.7-47.1
    • libwireshark8-debuginfo-2.2.7-47.1
    • wireshark-gtk-2.2.7-47.1
    • wireshark-debuginfo-2.2.7-47.1
    • libwscodecs1-2.2.7-47.1
    • libwireshark8-2.2.7-47.1
    • wireshark-debugsource-2.2.7-47.1
    • wireshark-gtk-debuginfo-2.2.7-47.1
    • libwsutil7-debuginfo-2.2.7-47.1
    • libwscodecs1-debuginfo-2.2.7-47.1
    • wireshark-2.2.7-47.1
    • libwiretap6-2.2.7-47.1
  • SUSE Linux Enterprise Software Development Kit 12 12-SP2 (aarch64 ppc64le s390x x86_64)
    • wireshark-debuginfo-2.2.7-47.1
    • wireshark-debugsource-2.2.7-47.1
    • wireshark-devel-2.2.7-47.1
  • SUSE Linux Enterprise High Performance Computing 12 SP2 (aarch64 x86_64)
    • libwsutil7-2.2.7-47.1
    • libwiretap6-debuginfo-2.2.7-47.1
    • libwireshark8-debuginfo-2.2.7-47.1
    • wireshark-gtk-2.2.7-47.1
    • wireshark-debuginfo-2.2.7-47.1
    • libwscodecs1-2.2.7-47.1
    • libwireshark8-2.2.7-47.1
    • wireshark-debugsource-2.2.7-47.1
    • wireshark-gtk-debuginfo-2.2.7-47.1
    • libwsutil7-debuginfo-2.2.7-47.1
    • libwscodecs1-debuginfo-2.2.7-47.1
    • wireshark-2.2.7-47.1
    • libwiretap6-2.2.7-47.1
  • SUSE Linux Enterprise Server 12 SP2 (aarch64 ppc64le s390x x86_64)
    • libwsutil7-2.2.7-47.1
    • libwiretap6-debuginfo-2.2.7-47.1
    • libwireshark8-debuginfo-2.2.7-47.1
    • wireshark-gtk-2.2.7-47.1
    • wireshark-debuginfo-2.2.7-47.1
    • libwscodecs1-2.2.7-47.1
    • libwireshark8-2.2.7-47.1
    • wireshark-debugsource-2.2.7-47.1
    • wireshark-gtk-debuginfo-2.2.7-47.1
    • libwsutil7-debuginfo-2.2.7-47.1
    • libwscodecs1-debuginfo-2.2.7-47.1
    • wireshark-2.2.7-47.1
    • libwiretap6-2.2.7-47.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
    • libwsutil7-2.2.7-47.1
    • libwiretap6-debuginfo-2.2.7-47.1
    • libwireshark8-debuginfo-2.2.7-47.1
    • wireshark-gtk-2.2.7-47.1
    • wireshark-debuginfo-2.2.7-47.1
    • libwscodecs1-2.2.7-47.1
    • libwireshark8-2.2.7-47.1
    • wireshark-debugsource-2.2.7-47.1
    • wireshark-gtk-debuginfo-2.2.7-47.1
    • libwsutil7-debuginfo-2.2.7-47.1
    • libwscodecs1-debuginfo-2.2.7-47.1
    • wireshark-2.2.7-47.1
    • libwiretap6-2.2.7-47.1
