SUSE has released a critical Wireshark security update (CVE-2024-4853) fixing a DoS vulnerability. Learn how to patch SUSE Linux Enterprise Server 12 SP5 systems and protect your network infrastructure from crafted malicious files
Key Security Vulnerability Addressed
A moderate-risk vulnerability (CVE-2024-4853) affecting Wireshark, the leading network protocol analyzer, has been patched. This update prevents denial-of-service (DoS) attacks triggered by maliciously crafted capture files.
Affected Systems:
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
SUSE Linux Enterprise Server for SAP Applications 12 SP5
CVSS Score: 5.5 (Medium Severity)
Attack Vector (AV): Local
Impact: Availability (High)
Why This Update Matters for Enterprises
Wireshark is a mission-critical tool for network administrators, cybersecurity professionals, and IT teams. Unpatched systems risk service disruptions, making this update essential for:
✔ Corporate security compliance
✔ Stable network monitoring
✔ Preventing exploitation in enterprise environments
How to Install the Security Patch
Recommended Methods:
YaST Online Update (GUI-based)
Zypper Patch (Command-line)
Manual Installation Command:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1522=1 Updated Package List (x86_64)
| Package | Version |
|---|---|
| wireshark | 2.4.16-48.60.1 |
| libwireshark9 | 2.4.16-48.60.1 |
| wireshark-gtk | 2.4.16-48.60.1 |
| wireshark-devel | 2.4.16-48.60.1 |
| (Full list available in original advisory) |
Additional References
🔗 SUSE CVE-2024-4853 Advisory
🔗 Bugzilla Report (bsc#1224259)
Proactive Security Best Practices
Schedule regular patch deployments
Monitor network traffic for anomalies
Use Wireshark in controlled environments
Nenhum comentário:
Postar um comentário