It was discovered that in Wireshark before 3.6.2 (and 3.4.12) the RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Affected versions: 3.6.0 to 3.6.1, 3.4.0 to 3.4.11 Fixed versions: 3.6.2, 3.4.12 References: https://www.wireshark.org/security/wnpa-sec-2022-01 https://gitlab.com/wireshark/wireshark/-/issues/17813
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 2054048]
In reply to comment #0: > It was discovered that in Wireshark before 3.6.2 (and 3.4.12) the RTMPT > dissector could go into an infinite loop. It may be possible to make > Wireshark consume excessive CPU resources by injecting a malformed packet > onto the wire or by convincing someone to read a malformed packet trace file. > > Affected versions: 3.6.0 to 3.6.1, 3.4.0 to 3.4.11 > Fixed versions: 3.6.2, 3.4.12 > > References: > https://www.wireshark.org/security/wnpa-sec-2022-01 > https://gitlab.com/wireshark/wireshark/-/issues/17813 Marking not affected given our rhel wireshark release versions: enterprise_linux:8.1:appstream/wireshark-2.6.2-11.el8 enterprise_linux:8.2:appstream/wireshark-2.6.2-12.el8 enterprise_linux:8.4:appstream/wireshark-2.6.2-12.el8 enterprise_linux:8.5:appstream/wireshark-2.6.2-14.el8 enterprise_linux:9.0:appstream/wireshark-3.4.10-1.el9