Bug 2039009 (CVE-2021-4184, wnpa-sec-2021-18)
Summary: | CVE-2021-4184 wireshark: BitTorrent DHT dissector infinite loop | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | vulnerability | Assignee: | Nobody <nobody> |
Status: | NEW --- | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | alekcejk, denis, huzaifas, lemenkov, mruprich, msehnout, peter, rvokal, sergey.avseyev |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | wireshark 3.6.1, wireshark 3.4.11 | Doc Type: | If docs needed, set a value |
Doc Text: |
An infinite-loop flaw was found in Wireshark's DHT dissector module. This flaw allows an attacker with local network access to pass specially crafted capture files, causing an application to halt, crash or go into an infinite loop.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | Type: | --- | |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2039010, 2039200 | ||
Bug Blocks: | 2039018 |
Description
Guilherme de Almeida Suckevicz
2022-01-10 17:56:37 UTC
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 2039010] |