HCE2-SA-2024-0305 Important HCE 2.0 Security Fix(es): A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. (CVE-2024-24476) NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file (CVE-2024-8250) SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file (CVE-2024-8645) HCE 2.0 wireshark-3.6.14-8.r3.hce2.aarch64.rpm wireshark-devel-3.6.14-8.r3.hce2.aarch64.rpm wireshark-help-3.6.14-8.r3.hce2.aarch64.rpm wireshark-3.6.14-8.r3.hce2.x86_64.rpm wireshark-devel-3.6.14-8.r3.hce2.x86_64.rpm wireshark-help-3.6.14-8.r3.hce2.x86_64.rpm