vulnerability
SUSE: CVE-2017-5596: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jan 25, 2017 | Feb 3, 2017 | Feb 4, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jan 25, 2017
Added
Feb 3, 2017
Modified
Feb 4, 2022
Description
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
Solutions
suse-upgrade-libwireshark13suse-upgrade-libwireshark8suse-upgrade-libwireshark9suse-upgrade-libwiretap10suse-upgrade-libwiretap6suse-upgrade-libwiretap7suse-upgrade-libwscodecs1suse-upgrade-libwsutil11suse-upgrade-libwsutil7suse-upgrade-libwsutil8suse-upgrade-wiresharksuse-upgrade-wireshark-develsuse-upgrade-wireshark-gtksuse-upgrade-wireshark-ui-qt
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.