KLA10955 Denial of service vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark 2.0.0 to 2.0.9 and 2.2.0 to 2.2.3. Malicious users can exploit these vulnerabilities to possibly cause a denial of service.

Below is a complete list of vulnerabilities:

1. The DHCPv6 dissector large loop vulnerability can be exploited remotely via a malformed captured file or a packet injection to consume excessive CPU and possibly cause a denial of service;
2. The ASTERIX dissector infinite loop vulnerability can be exploited remotely via a malformed captured file or a packet injection to consume excessive CPU and possibly cause a denial of service.

Technical details

Vulnerability (1) is related to the file epan/dissectors/packet-dhcpv6.c.

Vulnerability (2) is related to file epan/dissectors/packet-asterix.c.

Original advisories

wnpa-sec-2017-01

wnpa-sec-2017-02

Related products

Wireshark

CVE list

CVE-2017-5597 warning

CVE-2017-5596 warning

Solution

Update to the latest versions

Download Wireshark

Impacts

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

• Wireshark 2.0.0 to 2.0.9Wireshark 2.2.0 to 2.2.3