FS#68167 : [security][wireshark-cli] CVE-2020-26575

FS#68167 - [security][wireshark-cli] CVE-2020-26575

Attached to Project: Community Packages
Opened by loqs (loqs) - Friday, 09 October 2020, 12:12 GMT
Last edited by Andreas Radke (AndyRTR) - Thursday, 22 July 2021, 05:30 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Levente Polyak (anthraxx) Filipe Laíns (FFY00)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description:
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.

Additional info:
* wireshark-cli 3.2.7-1
* https://nvd.nist.gov/vuln/detail/CVE-2020-26575

This task depends upon

Closed by Andreas Radke (AndyRTR)
Thursday, 22 July 2021, 05:30 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed wireshark 3.4.0-1

Comment by loqs (loqs) - Friday, 23 October 2020, 20:20 GMT

Patch for 3.2 branch [1].

[1] https://gitlab.com/wireshark/wireshark/-/commit/2bdcb78afd65d58af9ea72aff0f360408e388db8

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#68167 - [security][wireshark-cli] CVE-2020-26575

Details

Loading...