Bug 1224274 (CVE-2024-4854)

Summary: VUL-0: CVE-2024-4854: wireshark: MONGO and ZigBee TLV dissector infinite loops via packet injection or crafted capture file
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Robert Frohl <rfrohl>
Status: CONFIRMED --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: carlos.lopez
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/405515/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-4854:5.7:(AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-05-15 09:37:14 UTC 
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-4854
https://www.cve.org/CVERecord?id=CVE-2024-4854
https://gitlab.com/wireshark/wireshark/-/issues/19726
https://gitlab.com/wireshark/wireshark/-/merge_requests/15047
https://gitlab.com/wireshark/wireshark/-/merge_requests/15499
https://www.wireshark.org/security/wnpa-sec-2024-07.html
Comment 1 Carlos López 2024-05-15 09:46:39 UTC 
I'd say this affects:
 - SUSE:SLE-15:Update/wireshark
 - SUSE:SLE-15-SP6:Update/wireshark
 - SUSE:ALP:Source:Standard:1.0/wireshark
 - SUSE:SLFO:Main/wireshark
Comment 2 Robert Frohl 2024-05-15 09:56:01 UTC 
the upstream CVE process changes all the time with them..

Will submit once 4.2.5 is released.
Comment 7 Maintenance Automation 2024-07-02 12:30:20 UTC 
SUSE-SU-2024:2265-1: An update that solves three vulnerabilities can now be installed.

Category: security (moderate)
Bug References: 1224259, 1224274, 1224276
CVE References: CVE-2024-4853, CVE-2024-4854, CVE-2024-4855
Maintenance Incident: [SUSE:Maintenance:34479](https://smelt.suse.de/incident/34479/)
Sources used:
openSUSE Leap 15.6 (src):
 wireshark-3.6.23-150600.18.3.1
Basesystem Module 15-SP6 (src):
 wireshark-3.6.23-150600.18.3.1
Desktop Applications Module 15-SP6 (src):
 wireshark-3.6.23-150600.18.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.