SUSE-SU-2022:3309-1 Security update for wireshark

This update for wireshark fixes the following issues: Updated to Wireshark 3.6.8: - CVE-2022-3190: Fixed F5 Ethernet Trailer dissector infinite loop bsc1203388. - CVE-2021-4186: Fixed Gryphon dissector crash bsc1194165...

CVE-2022-3190

The CVE describes an infinite loop in the F5 Ethernet Trailer protocol dissector of Wireshark. Affected releases include Wireshark 3.6.0–3.6.7 and 3.4.0–3.4.15, where processing crafted captures or packet injections can cause a denial of service. Connected advisories corroborate the issue and ind...

CVE-2022-3190

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file...

Wireshark 3.4.x < 3.4.16, 3.6.x < 3.6.8 DoS

The version of Wireshark installed on the remote Windows host is prior to 3.4.0 to 3.4.15 and 3.6.0 to 3.6.7. It is, therefore, affected by denial of service vulnerability as referenced in the wireshark-3.6.8 advisory. The F5 Ethernet Trailer dissector could go into an infinite loop. It may be...