Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:SUSE-SU-2024:3165-1
HistorySep 09, 2024 - 7:25 a.m.

Security update for wireshark

2024-09-0907:25:24
Google
osv.dev
wireshark
update
security
version 4.2.6
cve-2024-0207
cve-2024-0210
cve-2024-0211
cve-2023-6174
cve-2023-6175
cve-2023-5371
cve-2023-3649
cve-2023-2854
cve-2023-0666
cve-2023-0414
desktopfile
super user password.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

Low

JSON

This update for wireshark fixes the following issues:

wireshark was updated from version 3.6.23 to version 4.2.6 (jsc#PED-8517):

  • Security issues fixed with this update:

    • CVE-2024-0207: HTTP3 dissector crash (bsc#1218503)
    • CVE-2024-0210: Zigbee TLV dissector crash (bsc#1218506)
    • CVE-2024-0211: DOCSIS dissector crash (bsc#1218507)
    • CVE-2023-6174: Fixed SSH dissector crash (bsc#1217247)
    • CVE-2023-6175: NetScreen file parser crash (bsc#1217272)
    • CVE-2023-5371: RTPS dissector memory leak (bsc#1215959)
    • CVE-2023-3649: iSCSI dissector crash (bsc#1213318)
    • CVE-2023-2854: BLF file parser crash (bsc#1211708)
    • CVE-2023-0666: RTPS dissector crash (bsc#1211709)
    • CVE-2023-0414: EAP dissector crash (bsc#1207666)

  • Major changes introduced with versions 4.2.0 and 4.0.0:

  • Added an aditional desktopfile to start wireshark which asks for
    the super user password.

Related

openvas 19
nessus 45
fedora 4
mageia 2
osv 17
debian 2
gentoo 1
redos 4
kaspersky 6
veracode 11
cve 11
ubuntucve 11
alpinelinux 5
cvelist 11
nvd 11
vulnrichment 2
debiancve 11
zdi 1
amazon 2
redhatcve 10
prion 9
rosalinux 2
photon 2
openvas
openvas
openSUSE: Security Advisory for wireshark (SUSE-SU-2024:3165-1)
2024-09-11 00:00:00
Wireshark Multiple Vulnerabilities (Jul 2024) - Mac OS X
2024-07-16 00:00:00
Wireshark Multiple Vulnerabilities (Jul 2024) - Linux
2024-07-16 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2024:3165-1)
2024-09-10 00:00:00
Fedora 39 : wireshark (2024-b72131479b)
2024-02-10 00:00:00
Fedora 38 : wireshark (2024-fdc7dfb959)
2024-02-11 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: wireshark-4.0.12-1.fc39
2024-02-10 01:26:42
[SECURITY] Fedora 38 Update: wireshark-4.0.12-1.fc38
2024-02-11 05:39:57
[SECURITY] Fedora 40 Update: wireshark-4.2.4-1.fc40
2024-04-19 21:43:11
mageia
mageia
Updated wireshark packages fix security vulnerabilities
2024-02-20 09:28:03
Updated wireshark packages fix security vulnerability
2024-04-26 09:47:12
osv
osv
libwireshark16-4.0.11-2.1 on GA media
2024-06-15 00:00:00
libwireshark17-4.2.1-1.1 on GA media
2024-06-15 00:00:00
wireshark - security update
2023-11-19 00:00:00
debian
debian
[SECURITY] [DSA 5559-1] wireshark security update
2023-11-19 20:14:31
[SECURITY] [DLA 3746-1] wireshark security update
2024-02-29 23:59:34
gentoo
gentoo
Wireshark: Multiple Vulnerabilities
2024-02-04 00:00:00
redos
redos
ROS-20240402-10
2024-04-02 00:00:00
ROS-20231013-06
2023-10-13 00:00:00
ROS-20240405-08
2024-04-05 00:00:00
kaspersky
kaspersky
KLA62768 Multiple vulnerabilities in Wireshark
2024-01-03 00:00:00
KLA62771 DoS vulnerability in Wireshark
2023-11-15 00:00:00
KLA61758 OSI vulnerability in Wireshark
2023-10-04 00:00:00
veracode
veracode
Heap-based Buffer Overflow
2023-11-28 14:33:13
Denial Of Service (DoS)
2023-10-08 06:05:04
Denial Of Service (DoS)
2023-11-28 14:33:14
cve
cve
CVE-2023-6175
2024-03-26 08:15:35
CVE-2023-6174
2023-11-16 12:15:07
CVE-2023-5371
2023-10-04 17:15:10
ubuntucve
ubuntucve
CVE-2023-5371
2023-10-04 00:00:00
CVE-2024-2955
2024-03-26 00:00:00
CVE-2023-6175
2024-03-26 00:00:00
alpinelinux
alpinelinux
CVE-2023-6175
2024-03-26 08:15:35
CVE-2024-2955
2024-03-26 20:15:11
CVE-2023-5371
2023-10-04 17:15:10
cvelist
cvelist
CVE-2023-6175 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark
2024-03-26 07:30:49
CVE-2023-5371 Memory Allocation with Excessive Size Value in Wireshark
2023-10-04 16:01:48
CVE-2023-6174 Out-of-bounds Read in Wireshark
2023-11-16 11:30:40
nvd
nvd
CVE-2023-6175
2024-03-26 08:15:35
CVE-2023-6174
2023-11-16 12:15:07
CVE-2024-2955
2024-03-26 20:15:11
vulnrichment
vulnrichment
CVE-2024-2955 Mismatched Memory Management Routines in Wireshark
2024-03-26 20:02:08
CVE-2023-6175 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark
2024-03-26 07:30:49
debiancve
debiancve
CVE-2024-2955
2024-03-26 20:15:11
CVE-2023-6175
2024-03-26 08:15:35
CVE-2023-6174
2023-11-16 12:15:07
zdi
zdi
Wireshark NetScreen File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2024-03-28 00:00:00
amazon
amazon
Medium: wireshark
2023-11-29 22:19:00
Medium: wireshark
2024-04-24 22:15:00
redhatcve
redhatcve
CVE-2023-6175
2023-11-16 19:15:25
CVE-2023-6174
2023-11-16 19:15:22
CVE-2023-5371
2023-11-16 19:15:16
prion
prion
Input validation
2023-10-04 17:15:00
Design/Logic Flaw
2023-11-16 12:15:00
Design/Logic Flaw
2023-05-26 21:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2390
2024-04-02 07:35:41
Advisory ROSA-SA-2024-2388
2024-04-02 07:22:04
photon
photon
Moderate Photon OS Security Update - PHSA-2023-5.0-0114
2023-10-11 00:00:00
Moderate Photon OS Security Update - PHSA-2023-4.0-0521
2023-11-25 00:00:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

Low

JSON
Related for OSV:SUSE-SU-2024:3165-1
openvas19nessus45fedora4mageia2osv17debian2gentoo1redos4kaspersky6veracode11cve11ubuntucve11alpinelinux5cvelist11nvd11vulnrichment2debiancve11zdi1amazon2redhatcve10prion9rosalinux2photon2