Bug 2001867 (CVE-2021-22222)
| Summary: | CVE-2021-22222 wireshark: DVB-S2-BB dissector infinite loop | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | msiddiqu |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | alekcejk, denis, huzaifas, lemenkov, mruprich, msehnout, peter, rvokal, sergey.avseyev |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | wireshark 3.4.6 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-09-09 18:21:08 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2001868 | ||
| Bug Blocks: | 2001869 | ||
|
Description
msiddiqu
2021-09-07 11:13:59 UTC
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 2001868] References: https://github.com/wireshark/wireshark/commit/0137c24d60934f131b25506a88c9464e4dc827de https://github.com/wireshark/wireshark/commit/0d8be1fb797b3d65f1c2c204da76af8e8de6d3cc Flaw was introduced in the following commit: https://github.com/wireshark/wireshark/commit/4bf4ee88f0544727e7f89f3f288c6afd2f650a4c This commit was never introduced into any of our streams in RHEL 8 and below. RHEL 9 uses a fixed version of wireshark that does not contain this flaw. As such, no RHEL versions are affected by this flaw. This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-22222 |