wnpa-sec-2023-06 · Multiple dissector excessive loops

Summary

Name: Multiple dissector excessive loops

Docid: wnpa-sec-2023-06

Date: January 18, 2023

Affected versions: 4.0.0 to 4.0.2, 3.6.0 to 3.6.10

Fixed versions: 4.0.3, 3.6.11

References:
Wireshark issue 18711
Wireshark issue 18720
Wireshark issue 18737

Details

Description

The BPv6, NCP, and RTPS dissectors could loop excessively.

Impact

It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 4.0.3, 3.6.11 or later.
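
The following check is an added example, not part of the original advisory or of the Wireshark project's code: it classifies installed versions against the affected and fixed ranges listed above, comparing components numerically so that 3.6.10 is not mistaken for something older than 3.6.2. The inventory, host names and banner line are constructed sample data, and the function names are hypothetical.

```python
import re

# Branch -> (first affected patch, first fixed patch), from the advisory:
# 4.0.0 to 4.0.2 fixed in 4.0.3; 3.6.0 to 3.6.10 fixed in 3.6.11.
AFFECTED = {(4, 0): (0, 3), (3, 6): (0, 11)}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch) from a bare version, a package version
    or a `tshark --version` banner line; None if no x.y.z is present."""
    m = _VERSION_RE.search(text)
    return tuple(int(g) for g in m.groups()) if m else None


def status(text):
    """Classify one version string against wnpa-sec-2023-06."""
    v = parse_version(text)
    if v is None:
        return "unknown"
    branch, patch = v[:2], v[2]
    if branch not in AFFECTED:
        return "not-listed"  # the advisory makes no statement on this branch
    first, fixed = AFFECTED[branch]
    return "affected" if first <= patch < fixed else "fixed"


def affected_hosts(inventory):
    """Return [(host, fixed_version)] for hosts running an affected build."""
    out = []
    for host, text in inventory:
        if status(text) == "affected":
            major, minor, _ = parse_version(text)
            out.append((host, "%d.%d.%d" % (major, minor, AFFECTED[(major, minor)][1])))
    return out


# Constructed sample inventory (host names and strings are illustrative).
SAMPLE_INVENTORY = [
    ("analyst-01", "TShark (Wireshark) 4.0.2 (v4.0.2-0-gXXXXXXXXXXXX)."),
    ("analyst-02", "4.0.3"),
    ("sensor-01", "3.6.10"),
    ("sensor-02", "3.6.11"),
    ("legacy-01", "3.4.16"),
]

if __name__ == "__main__":
    for host, target in affected_hosts(SAMPLE_INVENTORY):
        print("%s: affected, upgrade to %s or later" % (host, target))
```

A distribution package can carry backported fixes under an older upstream version number, so treat a match on a packaged build as a prompt to check that package's changelog.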