{"id":"MGASA-2018-0071","summary":"Updated wireshark packages fix security vulnerabilities","details":"The MRDISC dissector could crash (CVE-2017-17997).\n\nThe IxVeriWave file parser could crash (CVE-2018-5334).\n\nThe WCP dissector could crash (CVE-2018-5335).\n\nMultiple dissectors could crash (CVE-2018-5336).\n\nPrior to this release dumpcap enabled the Linux kernel’s BPF JIT\ncompiler via the net.core.bpf_jit_enable sysctl. This could make\nsystems more vulnerable to Spectre variant 1 and this feature has been\nremoved (CVE-2017-5753).\n","modified":"2026-02-04T03:05:52.442249Z","published":"2018-01-12T19:49:32Z","related":["CVE-2017-17997","CVE-2017-5753","CVE-2018-5334","CVE-2018-5335","CVE-2018-5336"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0071.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22374"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-01.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-02.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-03.html"},{"type":"REPORT","url":"https://www.wireshark.org/security/wnpa-sec-2018-04.html"},{"type":"REPORT","url":"https://www.wireshark.org/docs/relnotes/wireshark-2.2.12.html"},{"type":"REPORT","url":"https://www.wireshark.org/news/20180111.html"}],"affected":[{"package":{"name":"wireshark","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/wireshark?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.12-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0071.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}