Bug 2235812 (CVE-2023-4511)

Summary: CVE-2023-4511 wireshark: DoS (infinite loop) via packet injection or crafted capture file
Product: [Other] Security Response Reporter: Anten Skrabec <askrabec>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: dfreiber, fhrdina, jburrell, mruprich, rogbas, vkumar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: wireshark 4.0.8, wireshark 3.6.16 Doc Type: If docs needed, set a value
Doc Text:
A denial of service vulnerability was found in Wireshark due to an infinite loop in the Bluetooth (BT) SDP dissector. Exploiting this flaw involves injecting a malformed packet onto the wire or enticing a victim to read a corrupted packet trace file, resulting in a crash of the BT SDP dissector. This issue may allow a remote attacker to perform a DoS attack by consuming all available system resources, leading to excessive CPU resource consumption.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2235991, 2235992, 2235998, 2235999, 2236000, 2236004    
Bug Blocks: 2235815    

Description Anten Skrabec 2023-08-29 19:43:11 UTC 
BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

https://gitlab.com/wireshark/wireshark/-/issues/19258
https://www.wireshark.org/security/wnpa-sec-2023-24.html
Comment 4 msiddiqu 2023-08-30 06:38:31 UTC 
Created wireshark tracking bugs for this issue:

Affects: fedora-all [bug 2236004]