wnpa-sec-2022-02 · Large loops in multiple dissectors
Summary
Name: Large loops in multiple dissectors
Docid: wnpa-sec-2022-02
Date: February 10, 2022
Affected versions: 3.6.0 to 3.6.1, 3.4.0 to 3.4.11
Fixed versions: 3.6.2, 3.4.12
References:
Wireshark issue 17829.
Wireshark issue 17842.
Wireshark issue 17847.
Wireshark issue 17855.
Wireshark issue 17891.
Wireshark issue 17925.
Wireshark issue 17926.
Wireshark issue 17931.
Wireshark issue 17932.
Wireshark issue 17933.
CVE-2022-0585.
Details
Description
Large loops were discovered in multiple dissectors, including AMP, ATN-ULCS and possibly other ASN.1 PER dissectors, BP, GDSDB, OpenFlow v5, P_MUL, SoulSeek, TDS, WBXML, WSP and possibly other WAP dissectors, and ZigBee ZCL. Discovered by Sharon Brizinov.
Impact
It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 3.6.2, 3.4.12 or later.