[SECURITY] [DSA 5429-1] wireshark security update

2023-06-1518:05:29

lists.debian.org

cve-2023-2858

cve-2023-2952

cve-2023-1161

cve-2023-2857

cve-2023-2855

cve-2023-1994

cve-2023-2879

cve-2023-1993

debian

denial of service

network protocol analyzer

cve-2023-2854

cve-2023-0668

cve-2023-1992

wireshark

cve-2023-2856

arbitrary code

cve-2023-0666

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

48.5%

JSON

Debian Security Advisory DSA-5429-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
June 15, 2023 https://www.debian.org/security/faq

Package : wireshark
CVE ID : CVE-2023-0666 CVE-2023-0668 CVE-2023-1161 CVE-2023-1992
CVE-2023-1993 CVE-2023-1994 CVE-2023-2854 CVE-2023-2855
CVE-2023-2856 CVE-2023-2857 CVE-2023-2858 CVE-2023-2879
CVE-2023-2952

Multiple vulnerabilities have been discocvered in Wireshark, a network
protocol analyzer which could result in denial of service or the
execution of arbitrary code.

For the stable distribution (bookworm), these problems have been fixed in
version 4.0.6-1~deb12u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian12arm64libwsutil-dev< 4.0.6-1~deb12u1libwsutil-dev_4.0.6-1~deb12u1_arm64.deb
Debian10amd64libwiretap8< 2.6.20-0+deb10u6libwiretap8_2.6.20-0+deb10u6_amd64.deb
Debian12mipselwireshark-common< 4.0.6-1~deb12u1wireshark-common_4.0.6-1~deb12u1_mipsel.deb
Debian10arm64wireshark-common< 2.6.20-0+deb10u6wireshark-common_2.6.20-0+deb10u6_arm64.deb
Debian12armeltshark< 4.0.6-1~deb12u1tshark_4.0.6-1~deb12u1_armel.deb
Debian12amd64wireshark-qt< 4.0.6-1~deb12u1wireshark-qt_4.0.6-1~deb12u1_amd64.deb
Debian12ppc64ellibwireshark16-dbgsym< 4.0.6-1~deb12u1libwireshark16-dbgsym_4.0.6-1~deb12u1_ppc64el.deb
Debian12s390xlibwsutil14< 4.0.6-1~deb12u1libwsutil14_4.0.6-1~deb12u1_s390x.deb
Debian12mips64elwireshark-qt< 4.0.6-1~deb12u1wireshark-qt_4.0.6-1~deb12u1_mips64el.deb
Debian12armhfwireshark-common-dbgsym< 4.0.6-1~deb12u1wireshark-common-dbgsym_4.0.6-1~deb12u1_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	arm64	libwsutil-dev	< 4.0.6-1~deb12u1	libwsutil-dev_4.0.6-1~deb12u1_arm64.deb
Debian	10	amd64	libwiretap8	< 2.6.20-0+deb10u6	libwiretap8_2.6.20-0+deb10u6_amd64.deb
Debian	12	mipsel	wireshark-common	< 4.0.6-1~deb12u1	wireshark-common_4.0.6-1~deb12u1_mipsel.deb
Debian	10	arm64	wireshark-common	< 2.6.20-0+deb10u6	wireshark-common_2.6.20-0+deb10u6_arm64.deb
Debian	12	armel	tshark	< 4.0.6-1~deb12u1	tshark_4.0.6-1~deb12u1_armel.deb
Debian	12	amd64	wireshark-qt	< 4.0.6-1~deb12u1	wireshark-qt_4.0.6-1~deb12u1_amd64.deb
Debian	12	ppc64el	libwireshark16-dbgsym	< 4.0.6-1~deb12u1	libwireshark16-dbgsym_4.0.6-1~deb12u1_ppc64el.deb
Debian	12	s390x	libwsutil14	< 4.0.6-1~deb12u1	libwsutil14_4.0.6-1~deb12u1_s390x.deb
Debian	12	mips64el	wireshark-qt	< 4.0.6-1~deb12u1	wireshark-qt_4.0.6-1~deb12u1_mips64el.deb
Debian	12	armhf	wireshark-common-dbgsym	< 4.0.6-1~deb12u1	wireshark-common-dbgsym_4.0.6-1~deb12u1_armhf.deb