{"id":"MGASA-2023-0275","summary":"Updated wireshark packages fix security vulnerabilities","details":"The updated wireshark packages fix security vulnerabilities:\n\nDue to a failure in validating the length provided by an\nattacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7\nis susceptible to a divide by zero allowing for a denial of service\nattack. (CVE-2023-2906)\n\nBT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to\n3.6.15 allows denial of service via packet injection or crafted capture\nfile. (CVE-2023-4511)\n\nCBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of\nservice via packet injection or crafted capture file. (CVE-2023-4512)\n\nBT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to\n3.6.15 allows denial of service via packet injection or crafted capture\nfile. (CVE-2023-4513)\n","modified":"2026-04-16T00:10:10.336339337Z","published":"2023-09-30T19:15:40Z","upstream":["CVE-2023-2906","CVE-2023-4511","CVE-2023-4512","CVE-2023-4513"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0275.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=32275"},{"type":"ADVISORY","url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2906"},{"type":"ADVISORY","url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4511"},{"type":"ADVISORY","url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4512"},{"type":"ADVISORY","url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4513"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4AVRUYSHDNEAJILVSGY5W6MPOMG2YRF/"}],"affected":[{"package":{"name":"wireshark","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/wireshark?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.0.8-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0275.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}