Amazon Linux 2023 Security Advisory: ALAS-2023-277
Advisory Release Date: 2023-08-03 20:26 Pacific
Advisory Updated Date: 2023-08-09 23:15 Pacific
Severity:
Medium
Issue Overview:
Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file (CVE-2023-3648)
iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file (CVE-2023-3649)
Affected Packages:
wireshark
Issue Correction:
Run dnf update wireshark --releasever 2023.1.20230809 to update your system.
New Packages:
aarch64:
wireshark-cli-debuginfo-4.0.7-1.amzn2023.0.1.aarch64
wireshark-cli-4.0.7-1.amzn2023.0.1.aarch64
wireshark-devel-4.0.7-1.amzn2023.0.1.aarch64
wireshark-debugsource-4.0.7-1.amzn2023.0.1.aarch64
src:
wireshark-4.0.7-1.amzn2023.0.1.src
x86_64:
wireshark-cli-debuginfo-4.0.7-1.amzn2023.0.1.x86_64
wireshark-devel-4.0.7-1.amzn2023.0.1.x86_64
wireshark-cli-4.0.7-1.amzn2023.0.1.x86_64
wireshark-debugsource-4.0.7-1.amzn2023.0.1.x86_64