Bug 2054047 (CVE-2022-0586)

Summary: CVE-2022-0586 wireshark: RTMPT dissector infinite loop
Product: [Other] Security Response Reporter: Sandipan Roy <saroy>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: alekcejk, denis, huzaifas, lemenkov, mruprich, peter, rvokal, sergey.avseyev
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: wireshark 3.6.2, wireshark 3.4.12 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-04-10 16:07:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2054048    
Bug Blocks: 2054060    

Description Sandipan Roy 2022-02-14 06:07:02 UTC 
It was discovered that in Wireshark before 3.6.2 (and 3.4.12) the RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Affected versions: 3.6.0 to 3.6.1, 3.4.0 to 3.4.11
Fixed versions: 3.6.2, 3.4.12 

References:
https://www.wireshark.org/security/wnpa-sec-2022-01
https://gitlab.com/wireshark/wireshark/-/issues/17813
Comment 1 Sandipan Roy 2022-02-14 06:07:30 UTC 
Created wireshark tracking bugs for this issue:

Affects: fedora-all [bug 2054048]
Comment 2 devthomp 2022-04-10 16:07:38 UTC 
In reply to comment #0:
> It was discovered that in Wireshark before 3.6.2 (and 3.4.12) the RTMPT
> dissector could go into an infinite loop. It may be possible to make
> Wireshark consume excessive CPU resources by injecting a malformed packet
> onto the wire or by convincing someone to read a malformed packet trace file.
> 
> Affected versions: 3.6.0 to 3.6.1, 3.4.0 to 3.4.11
> Fixed versions: 3.6.2, 3.4.12 
> 
> References:
> https://www.wireshark.org/security/wnpa-sec-2022-01
> https://gitlab.com/wireshark/wireshark/-/issues/17813

Marking not affected given our rhel wireshark release versions:

enterprise_linux:8.1:appstream/wireshark-2.6.2-11.el8
enterprise_linux:8.2:appstream/wireshark-2.6.2-12.el8
enterprise_linux:8.4:appstream/wireshark-2.6.2-12.el8
enterprise_linux:8.5:appstream/wireshark-2.6.2-14.el8
enterprise_linux:9.0:appstream/wireshark-3.4.10-1.el9