ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online

wnpa-sec-2024-07 · MONGO and ZigBee TLV dissector infinite loops

Summary

Name: MONGO and ZigBee TLV dissector infinite loops

Docid: wnpa-sec-2024-07

Date: May 15, 2024

Affected versions: 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, 3.6.0 to 3.6.22

Fixed versions: 4.2.5, 4.0.15, 3.6.23

References:

Wireshark issue 19726.
CVE-2024-4854.

Details

Description

The MONGO and ZigBee TLV dissectors could go into infinite loops.

Impact

We are unaware of any active exploits for this issue. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 4.2.5, 4.0.15, 3.6.23 or later.