Summary
Name: Large or infinite loops in multiple dissectors
Docid: wnpa-sec-2018-06
Date: February 23, 2018
Affected versions: 2.4.0 to 2.4.4, 2.2.0 to 2.2.12
Fixed versions: 2.4.5, 2.2.13
References:
Wireshark bug 14379
Wireshark bug 14408
Wireshark bug 14411
Wireshark bug 14412
Wireshark bug 14413
Wireshark bug 14414
Wireshark bug 14419
Wireshark bug 14420
Wireshark bug 14421
Wireshark bug 14423
Wireshark bug 14428
Wireshark bug 14444
Wireshark bug 14445
Wireshark bug 14449
CVE-2018-7321
CVE-2018-7322
CVE-2018-7323
CVE-2018-7324
CVE-2018-7325
CVE-2018-7326
CVE-2018-7327
CVE-2018-7328
CVE-2018-7329
CVE-2018-7330
CVE-2018-7331
CVE-2018-7332
CVE-2018-7333
Details
Description
Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB, and WCCP dissectors were susceptible.
Impact
It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 2.4.5, 2.2.13 or later.
I have a lot of traffic...
ANSWER: SteelCentral™ AppResponse 11
- • Full stack analysis – from packets to pages
- • Rich performance metrics & pre-defined insights for fast problem identification/resolution
- • Modular, flexible solution for deeply-analyzing network & application performance