ALT-PU-2020-2005-1
Closed vulnerabilities
Published: 2020-05-19
BDU:2022-00277
Уязвимость программы для анализа трафика wireshark, связанная с неконтролируемой рекурсией, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-05-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-13164
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- openSUSE-SU-2020:1188
- openSUSE-SU-2020:1199
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e6e98eab8e5e0bbc982cfdc808f2469d7cab6c5a
- [debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update
- FEDORA-2020-4f5588cf97
- FEDORA-2020-ca3d3f15f0
- GLSA-202007-13
- https://www.wireshark.org/security/wnpa-sec-2020-08.html
- openSUSE-SU-2020:1188
- https://www.wireshark.org/security/wnpa-sec-2020-08.html
- GLSA-202007-13
- FEDORA-2020-ca3d3f15f0
- FEDORA-2020-4f5588cf97
- [debian-lts-announce] 20210206 [SECURITY] [DLA 2547-1] wireshark security update
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e6e98eab8e5e0bbc982cfdc808f2469d7cab6c5a
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476
- openSUSE-SU-2020:1199