https://bugzilla.suse.com/show_bug.cgi?id=1215959 Bug ID: 1215959 Summary: VUL-0: CVE-2023-5371: wireshark: RTPS dissector memory leak (wnpa-sec-2023-27) Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.5 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: rfrohl@suse.com Reporter: Andreas.Stieger@gmx.de QA Contact: security-team@suse.de Target Milestone: --- Found By: Security Response Team Blocker: --- It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. The RTPS dissector could leak memory. This is fixed in versions: 4.0.9, 3.6.17 Reproducer: https://www.wireshark.org/download/automated/captures/fuzz-2023-09-04-10873.... References: https://www.wireshark.org/security/wnpa-sec-2023-27 https://gitlab.com/wireshark/wireshark/-/issues/19322 -- You are receiving this mail because: You are on the CC list for the bug.