http://bugzilla.opensuse.org/show_bug.cgi?id=1158505 Bug ID: 1158505 Summary: VUL-1: CVE-2019-19553: wireshark: CMS dissector crash (wnpa-sec-2019-22) Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: rfrohl@suse.com Reporter: Andreas.Stieger@gmx.de QA Contact: security-team@suse.de Found By: --- Blocker: --- It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Affected versions: 3.0.0 to 3.0.6, 2.6.0 to 2.6.12 (no statement is made about earlier versions) Fixed versions: 3.0.7, 2.6.13 Found by fuzzing/ASAN. Reproducer in https://www.wireshark.org/download/automated/captures/fuzz-2019-08-01-27827.... References: https://www.wireshark.org/security/wnpa-sec-2019-22 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15961 -- You are receiving this mail because: You are on the CC list for the bug.