Wireshark RPCoRDMA Dissector 'packet-rpcrdma.c' Infinite Loop Denial of Service Vulnerability

Wireshark is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to cause the application to enter an infinite loop which may cause denial-of-service.

Wireshark 2.2.0 through 2.2.5 and 2.0.0 through 2.0.11 are vulnerable.

Information

Bugtraq ID: 97630
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-7705

Remote: Yes
Local: No
Published: Apr 12 2017 12:00AM
Updated: Apr 13 2017 08:05PM
Credit: Jakub Zawadzki
Vulnerable: Wireshark Wireshark 2.2.5
Wireshark Wireshark 2.2.4
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.2
Wireshark Wireshark 2.0.11
Wireshark Wireshark 2.0.10
Wireshark Wireshark 2.0.9
Wireshark Wireshark 2.0.8
Wireshark Wireshark 2.0.7
Wireshark Wireshark 2.0.6
Wireshark Wireshark 2.0.5
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.0.0

Not Vulnerable: Wireshark Wireshark 2.2.6
Wireshark Wireshark 2.0.12

Exploit

A sample packet trace file is available in the Wireshark bug report. Please see the references for more information.

References:

• RPC-over-RDMA: protect against a variable overflow (Wireshark)
  
• Wireshark Homepage (Wireshark)
  
• Bug 13558 - libfuzzer: RPCoRDMA dissector loop (Wireshark)
  
• wnpa-sec-2017-15 · RPCoRDMA dissector infinite loop (Wireshark)
  

Source: www.securityfocus.com