Bugzilla – Bug 1208914
VUL-0: CVE-2023-1161: wireshark: ISO 15765 and ISO 10681 dissector crash (wnpa-sec-2023-08)
Last modified: 2023-04-04 16:30:06 UTC
In Wireshark before 4.0.4 and 3.6.12 the ISO 15765 and ISO 10681 dissectors could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. References: https://www.wireshark.org/security/wnpa-sec-2023-08 https://gitlab.com/wireshark/wireshark/-/issues/18839
submitted
SUSE-SU-2023:1762-1: An update that solves one vulnerability can now be installed. Category: security (moderate) Bug References: 1208914 CVE References: CVE-2023-1161 Sources used: openSUSE Leap 15.4 (src): wireshark-3.6.12-150000.3.86.1 Basesystem Module 15-SP4 (src): wireshark-3.6.12-150000.3.86.1 Desktop Applications Module 15-SP4 (src): wireshark-3.6.12-150000.3.86.1 SUSE Linux Enterprise Real Time 15 SP3 (src): wireshark-3.6.12-150000.3.86.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.