Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:2373: Red Hat Security Advisory: wireshark security and bug fix update

An update for wireshark is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3190: A vulnerability was found in Wireshark. This issue occurs due to an Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark, leading to a denial of service via packet injection or crafted capture file.
Red Hat Security Data
Open in Source
#vulnerability#web#linux#red_hat#dos#nodejs#js#java#kubernetes#aws#ibm

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2023-05-09

Updated:

2023-05-09

RHSA-2023:2373 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: wireshark security and bug fix update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for wireshark is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network.

Security Fix(es):

  • wireshark: f5ethtrailer Infinite loop in legacy style dissector (CVE-2022-3190)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Wireshark must be restarted for the update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x

Fixes

  • BZ - 2083581 - capinfos aborts in FIPS
  • BZ - 2152061 - CVE-2022-3190 wireshark: f5ethtrailer Infinite loop in legacy style dissector
  • BZ - 2160648 - Enhanced TMT testing for centos-stream

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index

Red Hat Enterprise Linux for x86_64 9

SRPM

wireshark-3.4.10-4.el9.src.rpm

SHA-256: 5e5aa220d3f5afe27fbc466b96821db8e0fe79201082d07c0686ba3a2a93470c

x86_64

wireshark-3.4.10-4.el9.x86_64.rpm

SHA-256: 65793793702291894912d77a527cf8761e96ca372f09107872a1a8d0b88300e9

wireshark-cli-3.4.10-4.el9.i686.rpm

SHA-256: d9ebf6ed9f959ae8f8a388f9c8f6b5608463c0714c7537a4bc9a956e1316fea0

wireshark-cli-3.4.10-4.el9.x86_64.rpm

SHA-256: ccc99316c94f17a4df2eab2fc5d9837fe8fce7172e5425ff8c0a9497daf5db46

wireshark-cli-debuginfo-3.4.10-4.el9.i686.rpm

SHA-256: 54c5fe937b9fadc4ec4f10711457f645453079020a7d14c8b751ec9d279d5113

wireshark-cli-debuginfo-3.4.10-4.el9.x86_64.rpm

SHA-256: 9b5b36713baa0856b76a26b16004b4d526405ed4f89bb328b051f528fc0363c0

wireshark-debuginfo-3.4.10-4.el9.i686.rpm

SHA-256: d616388e687c34e64afa4cd33eb88e90db2f061ed90d1fd1752e9f612d9701ae

wireshark-debuginfo-3.4.10-4.el9.x86_64.rpm

SHA-256: bcd3a1514ba3ddb2240fe5d3482e55e5a6892d249ee6950715db3660793ed29a

wireshark-debugsource-3.4.10-4.el9.i686.rpm

SHA-256: 9f6e3df314595cc82fe401bfd270ac6ce74a16dc50af7b4b7d928e460fc888a1

wireshark-debugsource-3.4.10-4.el9.x86_64.rpm

SHA-256: adb06e85c7f9b414dd1b987b27b4dd88a19be0c0176ebe9a9a513581518b5b11

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

wireshark-3.4.10-4.el9.src.rpm

SHA-256: 5e5aa220d3f5afe27fbc466b96821db8e0fe79201082d07c0686ba3a2a93470c

s390x

wireshark-3.4.10-4.el9.s390x.rpm

SHA-256: 5e6aa21ce5904e904227e7742e4961bef9bb000516da89526a8b4d159252975d

wireshark-cli-3.4.10-4.el9.s390x.rpm

SHA-256: feaf50d1a8fa7aa3bf4a7f13aa8075a28e640736538387ceb00b6aab7da1d35b

wireshark-cli-debuginfo-3.4.10-4.el9.s390x.rpm

SHA-256: f6752dd62206ad8f4b60ce17e7b14654572bc2f406a60ba0716221bf2f1f0517

wireshark-debuginfo-3.4.10-4.el9.s390x.rpm

SHA-256: 1ff2cb59edd8dbe9977d4b9d89d0191d66c36e23f3e6efb56cccda8872b0a0a7

wireshark-debugsource-3.4.10-4.el9.s390x.rpm

SHA-256: 94d16a067f8bda1f0b1bb791a9b85130c75cbdb01149a0d70aa8ab7fbdb2e460

Red Hat Enterprise Linux for Power, little endian 9

SRPM

wireshark-3.4.10-4.el9.src.rpm

SHA-256: 5e5aa220d3f5afe27fbc466b96821db8e0fe79201082d07c0686ba3a2a93470c

ppc64le

wireshark-3.4.10-4.el9.ppc64le.rpm

SHA-256: 622b0b917eb917f10f8f83e468e726a5f8a67c75bbaa2a4cba8c03f6a7b49998

wireshark-cli-3.4.10-4.el9.ppc64le.rpm

SHA-256: 36c00a1c41b68856306716935bb37c7d730adb86a222f2fa5db2f8b63e709c23

wireshark-cli-debuginfo-3.4.10-4.el9.ppc64le.rpm

SHA-256: d6a06859d7fe5a939567b3339a8e7943c105d5da7c865fe7d3cc18ebaac9b1c5

wireshark-debuginfo-3.4.10-4.el9.ppc64le.rpm

SHA-256: eeed5a21221d533db9c017e0419ea264f377357716d466e98d96d1faf8141657

wireshark-debugsource-3.4.10-4.el9.ppc64le.rpm

SHA-256: 4f5f250b5fd2d13e69eec6160bb7af622d02b1c71f24cc2fbffc3f121fe570a4

Red Hat Enterprise Linux for ARM 64 9

SRPM

wireshark-3.4.10-4.el9.src.rpm

SHA-256: 5e5aa220d3f5afe27fbc466b96821db8e0fe79201082d07c0686ba3a2a93470c

aarch64

wireshark-3.4.10-4.el9.aarch64.rpm

SHA-256: 5276293797aed45841ab84ec617c00434b69d1ffdbfaf5d7e831125231c775d2

wireshark-cli-3.4.10-4.el9.aarch64.rpm

SHA-256: 6a7be4e3fb01a83ecfa6b920e994ce7ccb4ff7a057330ce881de857975e2785e

wireshark-cli-debuginfo-3.4.10-4.el9.aarch64.rpm

SHA-256: 67cd741c24bab11a5b9b116756ab48aa59aeeba0078fdac87cbb1879448cf8a7

wireshark-debuginfo-3.4.10-4.el9.aarch64.rpm

SHA-256: c851b4e74c3866b11a8df31421eb145912367e3654e3b9ff1fcb824254ce9558

wireshark-debugsource-3.4.10-4.el9.aarch64.rpm

SHA-256: 0226036eb2f054c7360498d99f30acfc54d0418f8778b215e5b4d8d0e25a071d

Red Hat CodeReady Linux Builder for x86_64 9

SRPM

x86_64

wireshark-cli-debuginfo-3.4.10-4.el9.i686.rpm

SHA-256: 54c5fe937b9fadc4ec4f10711457f645453079020a7d14c8b751ec9d279d5113

wireshark-cli-debuginfo-3.4.10-4.el9.x86_64.rpm

SHA-256: 9b5b36713baa0856b76a26b16004b4d526405ed4f89bb328b051f528fc0363c0

wireshark-debuginfo-3.4.10-4.el9.i686.rpm

SHA-256: d616388e687c34e64afa4cd33eb88e90db2f061ed90d1fd1752e9f612d9701ae

wireshark-debuginfo-3.4.10-4.el9.x86_64.rpm

SHA-256: bcd3a1514ba3ddb2240fe5d3482e55e5a6892d249ee6950715db3660793ed29a

wireshark-debugsource-3.4.10-4.el9.i686.rpm

SHA-256: 9f6e3df314595cc82fe401bfd270ac6ce74a16dc50af7b4b7d928e460fc888a1

wireshark-debugsource-3.4.10-4.el9.x86_64.rpm

SHA-256: adb06e85c7f9b414dd1b987b27b4dd88a19be0c0176ebe9a9a513581518b5b11

wireshark-devel-3.4.10-4.el9.i686.rpm

SHA-256: 397e234d4a4281830e1aaa1639034afee88f6ea1d74e9ac99e3fad386099e8fe

wireshark-devel-3.4.10-4.el9.x86_64.rpm

SHA-256: 9012191f648d40a22a164cad49af49a89e4783d2e76833de79554a27fafe885b

Red Hat CodeReady Linux Builder for Power, little endian 9

SRPM

ppc64le

wireshark-cli-debuginfo-3.4.10-4.el9.ppc64le.rpm

SHA-256: d6a06859d7fe5a939567b3339a8e7943c105d5da7c865fe7d3cc18ebaac9b1c5

wireshark-debuginfo-3.4.10-4.el9.ppc64le.rpm

SHA-256: eeed5a21221d533db9c017e0419ea264f377357716d466e98d96d1faf8141657

wireshark-debugsource-3.4.10-4.el9.ppc64le.rpm

SHA-256: 4f5f250b5fd2d13e69eec6160bb7af622d02b1c71f24cc2fbffc3f121fe570a4

wireshark-devel-3.4.10-4.el9.ppc64le.rpm

SHA-256: 219017241cccc1ace078f8185a471af94a87637b43446f279f7eeb7280717a81

Red Hat CodeReady Linux Builder for ARM 64 9

SRPM

aarch64

wireshark-cli-debuginfo-3.4.10-4.el9.aarch64.rpm

SHA-256: 67cd741c24bab11a5b9b116756ab48aa59aeeba0078fdac87cbb1879448cf8a7

wireshark-debuginfo-3.4.10-4.el9.aarch64.rpm

SHA-256: c851b4e74c3866b11a8df31421eb145912367e3654e3b9ff1fcb824254ce9558

wireshark-debugsource-3.4.10-4.el9.aarch64.rpm

SHA-256: 0226036eb2f054c7360498d99f30acfc54d0418f8778b215e5b4d8d0e25a071d

wireshark-devel-3.4.10-4.el9.aarch64.rpm

SHA-256: 67f5b23ef2a3d4a75152fc3e30498a6f281cbcdf47950afa036d5e8506c0a54f

Red Hat CodeReady Linux Builder for IBM z Systems 9

SRPM

s390x

wireshark-cli-debuginfo-3.4.10-4.el9.s390x.rpm

SHA-256: f6752dd62206ad8f4b60ce17e7b14654572bc2f406a60ba0716221bf2f1f0517

wireshark-debuginfo-3.4.10-4.el9.s390x.rpm

SHA-256: 1ff2cb59edd8dbe9977d4b9d89d0191d66c36e23f3e6efb56cccda8872b0a0a7

wireshark-debugsource-3.4.10-4.el9.s390x.rpm

SHA-256: 94d16a067f8bda1f0b1bb791a9b85130c75cbdb01149a0d70aa8ab7fbdb2e460

wireshark-devel-3.4.10-4.el9.s390x.rpm

SHA-256: f23e5c35318d427a337bb53e04dcd781d54de454b3f637d10bd7fda52d251800

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2022-3190: 2022/CVE-2022-3190.json · master · GitLab.org / cves · GitLab

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data