Linux Distros Unpatched Vulnerability : CVE-2016-9372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in...

openSUSE Security Update : wireshark (openSUSE-2016-2923)

This update to wireshark 2.2.2 fixes the following issues : - CVE-2016-9372: Profinet I/O long loop boo1010807 - CVE-2016-9374: AllJoyn crash boo1010752 - CVE-2016-9376: OpenFlow crash boo1010735 - CVE-2016-9373: DCERPC crash boo1010754 - CVE-2016-9375: DTN infinite loop boo1010740 This update al...

Security fix for the ALT Linux 9 package wireshark version 2.2.2-alt1

Nov. 21, 2016 Anton Farygin 2.2.2-alt1 - new version, in which following vulnerabilities have been fixed: CVE-2016-9372 Profinet I/O long loop. CVE-2016-9373 DCERPC crash. CVE-2016-9374 AllJoyn crash. CVE-2016-9375 DTN infinite loop. CVE-2016-9376 OpenFlow crash...

Security fix for the ALT Linux 7 package wireshark version 2.2.2-alt1

Nov. 21, 2016 Anton Farygin 2.2.2-alt1 - new version, in which following vulnerabilities have been fixed: CVE-2016-9372 Profinet I/O long loop. CVE-2016-9373 DCERPC crash. CVE-2016-9374 AllJoyn crash. CVE-2016-9375 DTN infinite loop. CVE-2016-9376 OpenFlow crash...

CVE-2016-9372

CVE-2016-9372 affects Wireshark 2.2.0–2.2.1, where the Profinet I/O dissector could loop excessively in response to network traffic or a capture file. The root cause is input with too many I/O objects, leading to a potential denial of service via resource exhaustion. The remediation implemented i...