The MRDISC dissector could crash (CVE-2017-17997). The IxVeriWave file parser could crash (CVE-2018-5334). The WCP dissector could crash (CVE-2018-5335). Multiple dissectors could crash (CVE-2018-5336). Prior to this release dumpcap enabled the Linux kernel’s BPF JIT compiler via the net.core.bpf_jit_enable sysctl. This could make systems more vulnerable to Spectre variant 1 and this feature has been removed (CVE-2017-5753).

OSVersionArchitecturePackageVersionFilename
Mageia6noarchwireshark< 2.2.12-1wireshark-2.2.12-1.mga6

OS	Version	Architecture	Package	Version	Filename
Mageia	6	noarch	wireshark	< 2.2.12-1	wireshark-2.2.12-1.mga6

References

bugs.mageia.org/show_bug.cgi?id=22374

www.wireshark.org/docs/relnotes/wireshark-2.2.12.html

www.wireshark.org/news/20180111.html

www.wireshark.org/security/wnpa-sec-2018-01.html

www.wireshark.org/security/wnpa-sec-2018-02.html

www.wireshark.org/security/wnpa-sec-2018-03.html

www.wireshark.org/security/wnpa-sec-2018-04.html

nessus 58

openvas 33

kaspersky 2

osv 7

altlinux 1

debian 2

prion 5

redhatcve 7

cve 5

debiancve 5

ubuntucve 6

alpinelinux 5

suse 4

canvas 2

ubuntu 6

thn 3

ibm 10

slackware 1

apple 6

vmware 2

oraclelinux 3

msrc 1

fedora 4

intel 1

mageia 3

threatpost 1

xen 1

photon 1

zdt 1

packetstorm 1

redhat 6

huawei 1

seebug 1

nvidia 1

qualysblog 1

paloalto 1

malwarebytes 1

nessus

openSUSE Security Update : wireshark (openSUSE-2018-32) (Spectre)

2018-01-16 00:00:00

Wireshark 2.2.x < 2.2.12 / 2.4.x < 2.4.4 DoS Vulnerabilities (MacOS)

2018-01-18 00:00:00

Wireshark 2.2.x < 2.2.12 / 2.4.x < 2.4.4 DoS Vulnerabilities

2018-01-18 00:00:00

openvas

Mageia: Security Advisory (MGASA-2018-0071)

2022-01-28 00:00:00

Wireshark Security Updates (wnpa-sec-2018-04, wnpa-sec-2018-03, wnpa-sec-2018-01) - Windows

2018-01-16 00:00:00

Debian: Security Advisory (DSA-4101-1)

2018-01-27 00:00:00

kaspersky

KLA11176 Multiple DoS vulnerabilities in Wireshark

2018-01-11 00:00:00

KLA11173 OSI vulnerability in VMware Products

2018-01-09 00:00:00

osv

wireshark - security update

2018-01-26 00:00:00

wireshark - security update

2018-01-28 00:00:00

CVE-2018-5336

2018-01-11 21:29:00

altlinux

Security fix for the ALT Linux 9 package wireshark version 2.4.4-alt1

2018-01-17 00:00:00

debian

[SECURITY] [DLA 1258-1] wireshark security update

2018-01-26 22:16:10

[SECURITY] [DSA 4101-1] wireshark security update

2018-01-28 15:55:47

prion

Design/Logic Flaw

2018-01-11 21:29:00

Buffer overflow

2018-01-11 21:29:00

Out-of-bounds

2018-01-11 21:29:00

redhatcve

CVE-2018-5336

2018-01-15 06:20:00

CVE-2018-5335

2018-01-15 06:19:21

CVE-2018-5334

2018-01-15 06:19:43

cve

CVE-2018-5336

2018-01-11 21:29:00

CVE-2018-5335

2018-01-11 21:29:00

CVE-2018-5334

2018-01-11 21:29:00

debiancve

CVE-2018-5336

2018-01-11 21:29:00

CVE-2018-5334

2018-01-11 21:29:00

CVE-2018-5335

2018-01-11 21:29:00

ubuntucve

CVE-2018-5335

2018-01-11 00:00:00

CVE-2018-5334

2018-01-11 00:00:00

CVE-2018-5336

2018-01-11 00:00:00

alpinelinux

CVE-2018-5335

2018-01-11 21:29:00

CVE-2018-5336

2018-01-11 21:29:00

CVE-2018-5334

2018-01-11 21:29:00

suse

Security update for spectre-meltdown-checker (moderate)

2021-08-27 00:00:00

Security update for spectre-meltdown-checker (moderate)

2021-08-31 00:00:00

Security update for the Linux Kernel (important)

2018-01-16 21:08:59

canvas

Immunity Canvas: SPECTRE_FILE_LEAK

2018-01-04 13:29:00

Immunity Canvas: SPECTRE_SAM_LEAK

2018-01-04 13:29:00

ubuntu

NVIDIA graphics drivers vulnerability

2018-01-09 00:00:00

Linux kernel (KVM) vulnerabilities

2018-01-29 00:00:00

Linux kernel (Trusty HWE) vulnerabilities

2018-01-23 00:00:00

thn

NetSpectre — New Remote Spectre Attack Steals Data Over the Network

2018-07-27 08:31:00

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

2024-03-15 17:46:00

New SpookJS Attack Bypasses Google Chrome's Site Isolation Protection

2021-09-13 07:54:00

ibm

Security Bulletin: IBM DataPower Gateway has released a fixpack in response to the vulnerability known as Spectre.

2021-06-08 22:18:27

Security Bulletin: IBM Db2 Warehouse has released a fix in response to the vulnerability known as Spectre (CVE-2017-5753)

2018-06-16 14:18:55

Security Bulletin: IBM Data Risk Manager has released VM v2.0.1 in response to the vulnerability known as Spectre.

2018-06-16 22:05:23

slackware

[slackware-security] Slackware 14.2 kernel

2018-02-26 23:17:47

apple

About the security content of iOS 11.2.2

2018-01-08 00:00:00

About the security content of iOS 11.2.2 - Apple Support

2018-01-08 10:30:27

About the security content of macOS High Sierra 10.13.2 Supplemental Update

2018-01-08 00:00:00

vmware

VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.

2018-01-03 00:00:00

VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.

2018-01-03 00:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2018-01-18 00:00:00

Unbreakable Enterprise kernel security update

2018-01-05 00:00:00

kernel security update

2018-02-23 00:00:00

msrc

Speculative Execution Bounty Launch

2018-03-15 00:00:04

fedora

[SECURITY] Fedora 27 Update: webkitgtk4-2.18.5-1.fc27

2018-01-12 14:44:12

[SECURITY] Fedora 26 Update: webkitgtk4-2.18.5-1.fc26

2018-01-18 21:11:25

[SECURITY] Fedora 28 Update: wireshark-2.4.5-3.fc28

2018-04-17 00:23:28

intel

Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method

2021-05-11 00:00:00

mageia

Updated kernel packages fix security vulnerabilities

2018-02-11 21:42:57

Updated webkit2 packages fix security vulnerabilities

2018-01-14 19:54:13

Updated nvidia-current packages mitigates security issues

2018-01-13 17:28:36

threatpost

Apple Releases Spectre Patches for Safari, macOS and iOS

2018-01-08 16:57:57

xen

Cache-load gadgets exploitable with L1TF

2019-01-21 12:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0098

2018-01-11 00:00:00

zdt

Multiple CPUs - Spectre Information Disclosure (PoC) Exploit

2018-01-04 00:00:00

packetstorm

Spectre Information Disclosure Proof Of Concept

2018-01-04 00:00:00

redhat

(RHSA-2018:0464) Important: kernel security and bug fix update

2018-03-07 14:50:33

(RHSA-2018:0009) Important: kernel security update

2018-01-03 22:33:10

(RHSA-2018:0091) Important: Red Hat CloudForms 4.5 security update

2018-01-15 21:33:25

huawei

Security Advisory - CPU Vulnerabilities Meltdown and Spectre

2018-06-06 00:00:00

seebug

Reading privileged memory with a side-channel (Meltdown & Spectre)

2018-01-04 00:00:00

nvidia

Security Bulletin: NVIDIA Jetson TX1, Jetson TK1, and Tegra K1 L4T Security Updates for CPU Speculative Side Channel Vulnerabilities

2018-01-05 00:00:00

qualysblog

Meltdown and Spectre Aren’t Business as Usual

2018-01-18 22:22:16

paloalto

Information about Meltdown and Spectre findings

2018-01-04 00:00:00

malwarebytes

Meltdown and Spectre fallout: patching problems persist

2018-01-11 14:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.976 High

EPSS

Percentile

100.0%

JSON

Related for MGASA-2018-0071