ELA-1052-1 wireshark security update

multiple vulnerabilities

2024-02-29
Packagewireshark
Version2.6.20-0+deb9u7 (stretch)
Related CVEs CVE-2023-4511 CVE-2023-4513 CVE-2023-6175 CVE-2024-0208


Multiple vulnerabilities have been fixed in the network traffic analyzer Wireshark.

CVE-2023-4511

BT SDP dissector infinite loop

CVE-2023-4513

BT SDP dissector memory leak

CVE-2023-6175

NetScreen file parser crash

CVE-2024-0208

GVCP dissector crash


For Debian 9 stretch, these problems have been fixed in version 2.6.20-0+deb9u7.

We recommend that you upgrade your wireshark packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.