SB2023080951 - SUSE update for wireshark

Main Vulnerability Database SB2023080951

SB2023080951 - SUSE update for wireshark

Published: August 9, 2023

Security Bulletin ID SB2023080951

CSH Severity

High

Patch available

YES

Number of vulnerabilities 9

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 9 vulnerabilities.

1) Out-of-bounds write (CVE-ID: CVE-2023-0667)

CWE-ID: CWE-787 - Out-of-bounds write

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing MSMMS packets. A remote attacker can send specially crafted packets via the network trigger an out-of-bounds write and execute arbitrary code on the target system.

2) Input validation error (CVE-ID: CVE-2023-0668)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the IEEE C37.118 Synchrophasor dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

3) Input validation error (CVE-ID: CVE-2023-2855)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in Candump log file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

4) Input validation error (CVE-ID: CVE-2023-2856)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in VMS TCPIPtrace file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

5) Input validation error (CVE-ID: CVE-2023-2857)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in BLF file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

6) Input validation error (CVE-ID: CVE-2023-2858)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in NetScaler file parser. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

7) Infinite loop (CVE-ID: CVE-2023-2879)

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the GDSDB dissector. A remote attacker can pass specially crafted input to the application, consume all available system resources and cause denial of service conditions.

8) Infinite loop (CVE-ID: CVE-2023-2952)

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the XRA dissector. A remote attacker can pass specially crafted input to the application, consume all available system resources and cause denial of service conditions.

9) Input validation error (CVE-ID: CVE-2023-3648)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in Kafka dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2023/suse-su-20233252-1/

Vulnerable Software

SUSE Linux Enterprise Real Time 15: SP3 - SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP4 - SP5
SUSE Linux Enterprise Server 15: SP4 - SP5
SUSE Linux Enterprise Desktop 15: SP4 - SP5
SUSE Linux Enterprise High Performance Computing 15: SP4 - SP5
SUSE Manager Proxy: 4.2 - 4.3
SUSE Manager Retail Branch Server: 4.2 - 4.3
SUSE Manager Server: 4.2 - 4.3
Desktop Applications Module: 15-SP4 - 15-SP5
Basesystem Module: 15-SP4 - 15-SP5
openSUSE Leap: 15.4 - 15.5
wireshark-ui-qt-debuginfo: before 3.6.15-150000.3.97.1
libwiretap12-debuginfo: before 3.6.15-150000.3.97.1
wireshark-ui-qt: before 3.6.15-150000.3.97.1
libwiretap12: before 3.6.15-150000.3.97.1
libwsutil13-debuginfo: before 3.6.15-150000.3.97.1
wireshark: before 3.6.15-150000.3.97.1
wireshark-devel: before 3.6.15-150000.3.97.1
libwsutil13: before 3.6.15-150000.3.97.1
wireshark-debuginfo: before 3.6.15-150000.3.97.1
wireshark-debugsource: before 3.6.15-150000.3.97.1
libwireshark15: before 3.6.15-150000.3.97.1
libwireshark15-debuginfo: before 3.6.15-150000.3.97.1