wnpa-sec-2018-06 · Large or infinite loops in multiple dissectors
Summary
Name: Large or infinite loops in multiple dissectors
Docid: wnpa-sec-2018-06
Date: February 23, 2018
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
References:
Wireshark issue 14379.
Wireshark issue 14408.
Wireshark issue 14411.
Wireshark issue 14412.
Wireshark issue 14413.
Wireshark issue 14414.
Wireshark issue 14419.
Wireshark issue 14420.
Wireshark issue 14421.
Wireshark issue 14423.
Wireshark issue 14428.
Wireshark issue 14444.
Wireshark issue 14445.
Wireshark issue 14449.
CVE-2018-7321.
CVE-2018-7322.
CVE-2018-7323.
CVE-2018-7324.
CVE-2018-7325.
CVE-2018-7326.
CVE-2018-7327.
CVE-2018-7328.
CVE-2018-7329.
CVE-2018-7330.
CVE-2018-7331.
CVE-2018-7332.
CVE-2018-7333.
Details
Description
Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB, and WCCP dissectors were susceptible.
Impact
It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 2.4.5, 2.2.13 or later.