Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 11036] New: Infinite loop DoS in LBMR dissector

Wireshark-bugs: [Wireshark-bugs] [Bug 11036] New: Infinite loop DoS in LBMR dissector

Date: Sat, 07 Mar 2015 22:08:10 +0000

Bug ID	11036
Summary	Infinite loop DoS in LBMR dissector
Product	Wireshark
Version	1.12.3
Hardware	x86
OS	Mac OS X 10.9
Status	UNCONFIRMED
Severity	Normal
Priority	Low
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Build Information:
Version 1.99.2 (v1.99.2-0-gb2db3bf from master)
--
Hello, I found an infinite loop condition using Fabian Yamaguchi's tool joern.
There is an infinite loop condition in dissect_lbmr_pser() in
epan/dissectors/packet-lbmr.c. It's possible for an attacker to set the the
variable 'option_len' to 0, causing the loop to never terminate. Unfortunately,
I couldn't find an LBMR sample to synthesize an example packet capture from.

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 11036] Infinite loop DoS in LBMR dissector
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11036] Infinite loop DoS in LBMR dissector
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11036] Infinite loop DoS in LBMR dissector
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11036] Infinite loop DoS in LBMR dissector
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11036] Infinite loop DoS in LBMR dissector
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 11036] Infinite loop DoS in LBMR dissector
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 5390] 802.3 Jumbo frames not decoded correctly when capturing
Next by Date: [Wireshark-bugs] [Bug 9924] wireshark crashes when clicking "create new folder" in save dialog box
Previous by thread: [Wireshark-bugs] [Bug 5390] 802.3 Jumbo frames not decoded correctly when capturing
Next by thread: [Wireshark-bugs] [Bug 11036] Infinite loop DoS in LBMR dissector
Index(es):
- Date
- Thread