ALT-BU-2020-4068-1
Branch p9 update bulletin.
Closed vulnerabilities
BDU:2021-00874
Уязвимость анализатора протокола BLIP программного обеспечения Wireshark, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2021-00875
Уязвимость программного обеспечения Wireshark, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю вызвать аварийное завершение работы приложения
BDU:2021-00884
Уязвимость функции в epan/dissectors/packet-tcp.c программного обеспечения Wireshark, позволяющая нарушителю вызвать аварийное завершение работы приложения
Modified: 2024-11-21
CVE-2020-25862
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
- openSUSE-SU-2020:1878
- openSUSE-SU-2020:1878
- openSUSE-SU-2020:1882
- openSUSE-SU-2020:1882
- https://gitlab.com/wireshark/wireshark/-/commit/7f3fe6164a68b76d9988c4253b24d43f498f1753
- https://gitlab.com/wireshark/wireshark/-/commit/7f3fe6164a68b76d9988c4253b24d43f498f1753
- https://gitlab.com/wireshark/wireshark/-/issues/16816
- https://gitlab.com/wireshark/wireshark/-/issues/16816
- [debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update
- [debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update
- FEDORA-2020-1bf4b97c16
- FEDORA-2020-1bf4b97c16
- FEDORA-2020-1b390bec14
- FEDORA-2020-1b390bec14
- FEDORA-2020-9bda6ae1cd
- FEDORA-2020-9bda6ae1cd
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.wireshark.org/security/wnpa-sec-2020-12.html
- https://www.wireshark.org/security/wnpa-sec-2020-12.html
Modified: 2024-11-21
CVE-2020-25863
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
- openSUSE-SU-2020:1878
- openSUSE-SU-2020:1878
- openSUSE-SU-2020:1882
- openSUSE-SU-2020:1882
- https://gitlab.com/wireshark/wireshark/-/commit/5803c7b87b3414cdb8bf502af50bb406ca774482
- https://gitlab.com/wireshark/wireshark/-/commit/5803c7b87b3414cdb8bf502af50bb406ca774482
- https://gitlab.com/wireshark/wireshark/-/issues/16741
- https://gitlab.com/wireshark/wireshark/-/issues/16741
- [debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update
- [debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update
- FEDORA-2020-1bf4b97c16
- FEDORA-2020-1bf4b97c16
- FEDORA-2020-1b390bec14
- FEDORA-2020-1b390bec14
- FEDORA-2020-9bda6ae1cd
- FEDORA-2020-9bda6ae1cd
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.wireshark.org/security/wnpa-sec-2020-11.html
- https://www.wireshark.org/security/wnpa-sec-2020-11.html
Modified: 2024-11-21
CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
- openSUSE-SU-2020:1878
- openSUSE-SU-2020:1878
- openSUSE-SU-2020:1882
- openSUSE-SU-2020:1882
- https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f
- https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f
- https://gitlab.com/wireshark/wireshark/-/issues/16866
- https://gitlab.com/wireshark/wireshark/-/issues/16866
- FEDORA-2020-1bf4b97c16
- FEDORA-2020-1bf4b97c16
- FEDORA-2020-1b390bec14
- FEDORA-2020-1b390bec14
- FEDORA-2020-9bda6ae1cd
- FEDORA-2020-9bda6ae1cd
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.wireshark.org/security/wnpa-sec-2020-13.html
- https://www.wireshark.org/security/wnpa-sec-2020-13.html
Closed vulnerabilities
BDU:2021-00092
Уязвимость подсистемы инициализации и управления службами Linux systemd, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2020-13776
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.
Closed vulnerabilities
BDU:2022-05961
Уязвимость компонента packet.c библиотеки реализации протокола SSH2 Libssh2, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2019-17498
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
- openSUSE-SU-2019:2483
- openSUSE-SU-2019:2483
- http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html
- http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html
- https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/
- https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/
- https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498
- https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498
- https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480
- https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480
- https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c
- https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c
- [debian-lts-announce] 20191113 [SECURITY] [DLA 1991-1] libssh2 security update
- [debian-lts-announce] 20191113 [SECURITY] [DLA 1991-1] libssh2 security update
- [debian-lts-announce] 20211217 [SECURITY] [DLA 2848-1] libssh2 security update
- [debian-lts-announce] 20211217 [SECURITY] [DLA 2848-1] libssh2 security update
- [debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update
- [debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update
- FEDORA-2019-ec04c34768
- FEDORA-2019-ec04c34768
- FEDORA-2019-91529f19e4
- FEDORA-2019-91529f19e4
- https://security.netapp.com/advisory/ntap-20220909-0004/
- https://security.netapp.com/advisory/ntap-20220909-0004/