Security update for wireshark

Announcement ID:	SUSE-SU-2018:0811-1
Rating:	moderate
References:	bsc#1077080 bsc#1082692
Cross-References:	CVE-2017-17997 CVE-2018-7320 CVE-2018-7321 CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7325 CVE-2018-7326 CVE-2018-7327 CVE-2018-7328 CVE-2018-7329 CVE-2018-7330 CVE-2018-7331 CVE-2018-7332 CVE-2018-7333 CVE-2018-7334 CVE-2018-7335 CVE-2018-7336 CVE-2018-7337 CVE-2018-7417 CVE-2018-7418 CVE-2018-7419 CVE-2018-7420 CVE-2018-7421
CVSS scores:	CVE-2017-17997 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2017-17997 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7320 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7320 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7321 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7321 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7322 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7322 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7323 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7323 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7324 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7324 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7325 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7325 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7326 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7326 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7327 ( SUSE ): 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2018-7327 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7328 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7328 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7329 ( SUSE ): 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2018-7329 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7330 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7330 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7331 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7331 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7332 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7332 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7333 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7333 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7334 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7334 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7335 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7335 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7336 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7336 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7337 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7337 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7417 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7417 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7418 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7418 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7419 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7419 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7420 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7420 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7421 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2018-7421 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-7421 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise High Performance Computing 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP3 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 SUSE Linux Enterprise Software Development Kit 12 12-SP2 SUSE Linux Enterprise Software Development Kit 12 SP3

An update that solves 24 vulnerabilities can now be installed.

Description:

This update for wireshark fixes the following issues:

Security issue fixed (bsc#1082692):

• CVE-2018-7335: The IEEE 802.11 dissector could crash (wnpa-sec-2018-05)
• CVE-2018-7321: thrift long dissector loop (dissect_thrift_map)
• CVE-2018-7322: DICOM: inifinite loop (dissect_dcm_tag)
• CVE-2018-7323: WCCP: very long loop (dissect_wccp2_alternate_mask_value_set_element)
• CVE-2018-7324: SCCP: infinite loop (dissect_sccp_optional_parameters)
• CVE-2018-7325: RPKI-Router Protocol: infinite loop (dissect_rpkirtr_pdu)
• CVE-2018-7326: LLTD: infinite loop (dissect_lltd_tlv)
• CVE-2018-7327: openflow_v6: infinite loop (dissect_openflow_bundle_control_v6)
• CVE-2018-7328: USB-DARWIN: long loop (dissect_darwin_usb_iso_transfer)
• CVE-2018-7329: S7COMM: infinite loop (s7comm_decode_ud_cpu_alarm_main)
• CVE-2018-7330: thread_meshcop: infinite loop (get_chancount)
• CVE-2018-7331: GTP: infinite loop (dissect_gprscdr_GGSNPDPRecord, dissect_ber_set)
• CVE-2018-7332: RELOAD: infinite loop (dissect_statans)
• CVE-2018-7333: RPCoRDMA: infinite loop in get_write_list_chunk_count
• CVE-2018-7421: Multiple dissectors could go into large infinite loops (wnpa-sec-2018-06)
• CVE-2018-7334: The UMTS MAC dissector could crash (wnpa-sec-2018-07)
• CVE-2018-7337: The DOCSIS dissector could crash (wnpa-sec-2018-08)
• CVE-2018-7336: The FCP dissector could crash (wnpa-sec-2018-09)
• CVE-2018-7320: The SIGCOMP dissector could crash (wnpa-sec-2018-10)
• CVE-2018-7420: The pcapng file parser could crash (wnpa-sec-2018-11)
• CVE-2018-7417: The IPMI dissector could crash (wnpa-sec-2018-12)
• CVE-2018-7418: The SIGCOMP dissector could crash (wnpa-sec-2018-13)
• CVE-2018-7419: The NBAP disssector could crash (wnpa-sec-2018-14)
• CVE-2017-17997: Misuse of NULL pointer in MRDISC dissector (bsc#1077080).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Desktop 12 SP2
  zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2018-546=1
• SUSE Linux Enterprise Desktop 12 SP3
  zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-546=1
• SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  zypper in -t patch SUSE-SLE-RPI-12-SP2-2018-546=1
• SUSE Linux Enterprise Software Development Kit 12 12-SP2
  zypper in -t patch SUSE-SLE-SDK-12-SP2-2018-546=1
• SUSE Linux Enterprise Software Development Kit 12 SP3
  zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-546=1
• SUSE Linux Enterprise High Performance Computing 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-546=1
• SUSE Linux Enterprise Server 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-546=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-546=1
• SUSE Linux Enterprise Server 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-546=1
• SUSE Linux Enterprise High Performance Computing 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-546=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP3
  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-546=1

Package List:

• SUSE Linux Enterprise Desktop 12 SP2 (x86_64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise Desktop 12 SP3 (x86_64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 (aarch64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise Software Development Kit 12 12-SP2 (aarch64 ppc64le s390x x86_64)
  • wireshark-debugsource-2.2.13-48.21.1
  • wireshark-devel-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise Software Development Kit 12 SP3 (aarch64 ppc64le s390x x86_64)
  • wireshark-debugsource-2.2.13-48.21.1
  • wireshark-devel-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise High Performance Computing 12 SP2 (aarch64 x86_64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise Server 12 SP2 (aarch64 ppc64le s390x x86_64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise Server 12 SP3 (aarch64 ppc64le s390x x86_64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise High Performance Computing 12 SP3 (aarch64 x86_64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP3 (ppc64le x86_64)
  • libwiretap6-2.2.13-48.21.1
  • wireshark-gtk-debuginfo-2.2.13-48.21.1
  • libwireshark8-debuginfo-2.2.13-48.21.1
  • wireshark-2.2.13-48.21.1
  • wireshark-debugsource-2.2.13-48.21.1
  • libwsutil7-debuginfo-2.2.13-48.21.1
  • libwireshark8-2.2.13-48.21.1
  • wireshark-gtk-2.2.13-48.21.1
  • libwscodecs1-debuginfo-2.2.13-48.21.1
  • libwscodecs1-2.2.13-48.21.1
  • wireshark-debuginfo-2.2.13-48.21.1
  • libwsutil7-2.2.13-48.21.1
  • libwiretap6-debuginfo-2.2.13-48.21.1

References:

• https://www.suse.com/security/cve/CVE-2017-17997.html
• https://www.suse.com/security/cve/CVE-2018-7320.html
• https://www.suse.com/security/cve/CVE-2018-7321.html
• https://www.suse.com/security/cve/CVE-2018-7322.html
• https://www.suse.com/security/cve/CVE-2018-7323.html
• https://www.suse.com/security/cve/CVE-2018-7324.html
• https://www.suse.com/security/cve/CVE-2018-7325.html
• https://www.suse.com/security/cve/CVE-2018-7326.html
• https://www.suse.com/security/cve/CVE-2018-7327.html
• https://www.suse.com/security/cve/CVE-2018-7328.html
• https://www.suse.com/security/cve/CVE-2018-7329.html
• https://www.suse.com/security/cve/CVE-2018-7330.html
• https://www.suse.com/security/cve/CVE-2018-7331.html
• https://www.suse.com/security/cve/CVE-2018-7332.html
• https://www.suse.com/security/cve/CVE-2018-7333.html
• https://www.suse.com/security/cve/CVE-2