Debian LTS: DLA-3906-1: wireshark Security Advisory Updates
Summary
CVE-2021-4181
Sysdig Event dissector crash
CVE-2021-4182
RFC 7468 dissector crash
CVE-2021-4184
BitTorrent DHT dissector infinite loop
CVE-2021-4185
RTMPT dissector infinite loop
CVE-2021-4186
Gryphon dissector crash
CVE-2021-4190
Kafka dissector large loop DoS
CVE-2022-0581
CMS protocol dissector crash
CVE-2022-0582
CSN.1 protocol dissector unaligned access
CVE-2022-0583
PVFS protocol dissector crash
CVE-2022-0585
Large loops in multiple dissectors
CVE-2022-0586
RTMPT protocol dissector infinite loop
CVE-2022-3190
F5 Ethernet Trailer dissector infinite loop
CVE-2022-4344
Kafka protocol dissector memory exhaustion
CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors
CVE-2023-0411
Excessive loops in the BPv6, NCP and RTPS protocol dissectors
CVE-2023-0412
TIPC dissector crash
CVE-2023-0413
Dissection engine bug DoS
CVE-2023-0415
iSCSI dissector crash
CVE-2023-0416
GNW dissector crash
CVE-2023-0417
NFS dissector memory leak
CVE-2023-0666
RTPS parsing heap overflow
CVE-2023-0667
MSMMS dissector buffer overflow
CVE-2023-0668
IEEE C37.118 Synchrophasor dissector crash
CVE-2023-1161
ISO 15765 dissector crash
CVE-2023-1992
RPCoRDMA dissector crash
CVE-2023-1993
LISP dissector large loop
CVE-2023-1994
GQUIC dissector crash
CVE-2023-2855
Candump log parser crash
CVE-2023-2856
VMS TCPIPtrace file parser crash
CVE-2023-2858
NetScaler file parser crash
CVE-2023-2879
GDSDB dissector infinite loop
CVE-2023-2906
CP2179 dissector crash
CVE-2023-2952
XRA dissector infinite loop
CVE-2023-3648
Kafka dissector crash
CVE-2023-3649
iSCSI dissector crash
CVE-2023-4511
BT SDP dissector infinite loop
CVE-2023-4512
CBOR dissector crash
CVE-2023-4513
BT SDP dissector memory leak
CVE-2023-6175
NetScreen file parser crash
CVE-2024-0208
GVCP dissector crash
CVE-2024-0209
IEEE 1609.2 dissector crash
CVE-2024-0211
DOCSIS dissector crash
CVE-2024-2955
T.38 dissector crash
CVE-2024-4853
Editcap byte chopping crash
CVE-2024-4854
MONGO dissector infinite loop
CVE-2024-8250
NTLMSSP dissector crash
CVE-2024-8645
SPRT dissector crash

For Debian 11 bullseye, these problems have been fixed in version
3.4.16-0+deb11u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS