Bug 741188 – VUL-0: CVE-2012-0043: wireshark: RLC dissector buffer overflow

Bug 741188 - VUL-0: CVE-2012-0043: wireshark: RLC dissector buffer overflow


Summary:	VUL-0: CVE-2012-0043: wireshark: RLC dissector buffer overflow

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	General
Version:	unspecified
Hardware:	Other Other

Priority:	P2 - High Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:11.4:45142 maint:relea...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2012-01-13 08:50 UTC by Matthias Weckbecker
Modified:	2012-02-29 14:35 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Weckbecker 2012-01-13 08:50:53 UTC

"It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.",

http://www.wireshark.org/security/wnpa-sec-2012-03.html

Comment 1 Sebastian Krahmer 2012-01-16 07:46:20 UTC

CVE-2012-0043

Comment 2 Swamp Workflow Management 2012-01-19 16:42:10 UTC

The SWAMPID for this issue is 45064.
This issue was rated as moderate.
Please submit fixed packages until 2012-02-02.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 3 Bernhard Wiedemann 2012-01-20 07:00:37 UTC

This is an autogenerated message for OBS integration:
This bug (741188) was mentioned in
https://build.opensuse.org/request/show/100802 11.3 / wireshark
https://build.opensuse.org/request/show/100803 11.4 / wireshark
https://build.opensuse.org/request/show/100804 12.1 / wireshark

Comment 4 Swamp Workflow Management 2012-02-23 14:48:13 UTC

Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
openSUSE 11.4 (debug, i586, x86_64)

Comment 5 Swamp Workflow Management 2012-02-23 18:09:39 UTC

Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)

Comment 6 Swamp Workflow Management 2012-02-23 18:13:01 UTC

Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)

Comment 7 Bernhard Wiedemann 2012-02-24 08:00:13 UTC

This is an autogenerated message for OBS integration:
This bug (741188) was mentioned in
https://build.opensuse.org/request/show/106751 Evergreen:11.2 / wireshark

Comment 8 Bernhard Wiedemann 2012-02-24 09:00:15 UTC

This is an autogenerated message for OBS integration:
This bug (741188) was mentioned in
https://build.opensuse.org/request/show/106757 Evergreen:11.1 / wireshark

Comment 9 Bernhard Wiedemann 2012-02-27 10:01:56 UTC

This is an autogenerated message for OBS integration:
This bug (741188) was mentioned in
https://build.opensuse.org/request/show/107121 Evergreen:11.1 / wireshark

Comment 10 Marcus Meissner 2012-02-27 14:27:12 UTC

released