1886047 – (CVE-2020-26575) CVE-2020-26575 wireshark: FBZERO dissector could enter an infinite loop

Bug 1886047 (CVE-2020-26575) - CVE-2020-26575 wireshark: FBZERO dissector could enter an infinite loop

Summary: CVE-2020-26575 wireshark: FBZERO dissector could enter an infinite loop

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2020-26575
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1886048 1886194
Blocks:	1886050
TreeView+	depends on / blocked

Reported:	2020-10-07 14:32 UTC by Michael Kaplan
Modified:	2021-06-29 20:51 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-06-29 20:51:18 UTC
Embargoed:

Attachments	(Terms of Use)

Description Michael Kaplan 2020-10-07 14:32:13 UTC

In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.


References:

https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab
https://gitlab.com/wireshark/wireshark/-/merge_requests/467
https://gitlab.com/wireshark/wireshark/-/merge_requests/471
https://gitlab.com/wireshark/wireshark/-/merge_requests/472
https://gitlab.com/wireshark/wireshark/-/merge_requests/473

Comment 1 Michael Kaplan 2020-10-07 14:32:42 UTC

Created wireshark tracking bugs for this issue:

Affects: fedora-all [bug 1886048]

Comment 3 Todd Cullum 2020-10-07 21:06:48 UTC

Statement:

Wireshark as shipped with Red Hat Enterprise Linux 5, 6, and 7 is not affected by this flaw because the Facebook Zero Dissector was not yet introduced until version 2.4.0rc0.

Note You need to log in before you can comment on or make changes to this bug.