CVE-2020-9429

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value...

Node.js third-party modules: [wireguard-wrapper] Command Injection via insecure command concatenation

I would like to report a Command Injection issue in the wireguard-wrapper module. It allows to execute arbitrary commands on the victim's PC. Module module name: wireguard-wrapper version: 1.0.2 npm page: https://www.npmjs.com/package/wireguard-wrapper Module Description This project is a nodejs...

MGASA-2020-0162 Updated kernel packages fix security issues

This update is based on upstream 5.5.15 and fixes some security related issues related to use after free and null pointer dereferences and also some other bugfixes. Other fixes in this update: - WireGuard module has been updated to v1.0.20200401 - ndiswrapper has been fixed and re-enabled mga2643...

Updated kernel packages fix security issues

This update is based on upstream 5.5.15 and fixes some security related issues related to use after free and null pointer dereferences and also some other bugfixes. Other fixes in this update: - WireGuard module has been updated to v1.0.20200401 - ndiswrapper has been fixed and re-enabled...

MGASA-2020-0156 Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.5.14 and fixes at least the following security vulnerabilities: In the Linux kernel 5.3.10, there is a use-after-free read in the perftracelockacquire function related to include/trace/events/lock.h CVE-2019-19769. Manfred Paul discovered that the bpf verifier i...

Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.5.14 and fixes at least the following security vulnerabilities: In the Linux kernel 5.3.10, there is a use-after-free read in the perftracelockacquire function related to include/trace/events/lock.h CVE-2019-19769. Manfred Paul discovered that the bpf verifier i...

openSUSE Security Update : wireshark (openSUSE-2020-362)

This update for wireshark and libmaxminddb fixes the following issues : Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support bsc1156288. New features include : - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC -...

openSUSE: Security Advisory for wireshark (openSUSE-SU-2020:0362-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:0693-1)

This update for wireshark and libmaxminddb fixes the following issues : Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support bsc1156288. New features include : Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC Improve...

WireGuard Gives Linux a Faster, More Secure VPN

The virtual private network software from security researcher Jason Donenfeld wins fans with its simplicity and ease of auditing...

Wireshark WireGuard Parser Denial of Service Vulnerability

Wireshark formerly Ethereal is a suite of network packet analysis software from the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.WireGuard is used in which a WireGuard protocol parser... A security vulnerability exists in the...

Wireshark 3.2.x < 3.2.2 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 3.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.2.2 advisory. - In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This...

Wireshark 3.2.x < 3.2.2 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.2.2 advisory. - In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak...

DEBIAN-CVE-2020-9429

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value...

CVE-2020-9429

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value...

CVE-2020-9429

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value...

CVE-2020-9429

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value...

Null pointer dereference

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value...

CVE-2020-9429

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value...

CVE-2020-9429

Wireshark (3.2.0–3.2.1) contained a crash in the WireGuard dissector caused by how a particular data structure could be NULL. The issue was fixed in epan/dissectors/packet-wireguard.c by handling that NULL scenario. Public references indicate remediation via upgrading to Wireshark 3.2.2 or later ...