Jakub Zawadzki

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The DMP dissector in Wireshark could enter an infinite loop due to incorrect support for a bounded number of Security Categories for a DMP Security Classification. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that correctly supports a bounded number of Security Categories for a DMP Security Classification. For Wireshark versions 2.4.0 through 2.4.4, update to a version that correctly supports a bounded number of Security Categories for a DMP Security Classification.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to the DOCSIS protocol dissector, which could cause a crash in the affected versions. The problem was due to a recursive algorithm used for concatenated PDUs. **Recommendations** For Wireshark versions 2.4.0 through 2.4.4, the issue was addressed by removing the recursive algorithm in the plugins/docsis/packet-docsis.c file. Update to a version where this fix has been applied to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue allows an attacker to cause a denial of service, resulting in a crash, by using a malformed packet capture file. This is due to a problem in the IPMI dissector. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update the epan/dissectors/packet-ipmi-picmg.c file to add support for crafted packets that lack an IPMI header. For Wireshark versions 2.4.0 through 2.4.4, update the epan/dissectors/packet-ipmi-picmg.c file to add support for crafted packets that lack an IPMI header. As a temporary workaround, consider disabling the IPMI dissector until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue concerns a denial of service (crash) that can be caused by a malformed packet trace file. This is due to a problem in the SIGCOMP dissector. The crash occurs because of incorrect extraction of the length value. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version where the SIGCOMP dissector issue is fixed. For Wireshark versions 2.4.0 through 2.4.4, update to a version where the SIGCOMP dissector issue is fixed. As a temporary workaround, consider avoiding the use of the SIGCOMP dissector until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The NBAP dissector in Wireshark could crash due to incorrect initialization of the DCH ID. This issue allows attackers to cause a denial of service by using a malformed packet trace file. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update the `nbap.cnf` file in `epan/dissectors/asn1/nbap/` to ensure DCH ID initialization. For Wireshark versions 2.4.0 through 2.4.4, update the `nbap.cnf` file in `epan/dissectors/asn1/nbap/` to ensure DCH ID initialization. As a temporary workaround, consider disabling the NBAP dissector until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to a large loop in the epan/dissectors/packet-thrift.c file. This loop was addressed by stopping the dissection process after encountering an unexpected type, preventing potential issues. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version outside of this range to resolve the issue. For Wireshark versions 2.4.0 through 2.4.4, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting the use of the `packet-thrift.c` dissector until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the epan/dissectors/packet-dcm.c file. This loop was caused by integer wraparound and has been addressed by adding a check for this condition. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that includes the fix for the infinite loop in epan/dissectors/packet-dcm.c. For Wireshark versions 2.4.0 through 2.4.4, update to a version that includes the fix for the infinite loop in epan/dissectors/packet-dcm.c.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to a large loop in the epan/dissectors/packet-wccp.c file. This was addressed by ensuring that a calculated length was monotonically increasing. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that includes the fix for the large loop issue in epan/dissectors/packet-wccp.c. For Wireshark versions 2.4.0 through 2.4.4, update to a version that includes the fix for the large loop issue in epan/dissectors/packet-wccp.c.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the `epan/dissectors/packet-sccp.c` file. This was caused by an incorrect integer data type, which has been addressed by using the correct data type. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that uses the correct integer data type to fix the infinite loop issue. For Wireshark versions 2.4.0 through 2.4.4, update to a version that uses the correct integer data type to fix the infinite loop issue.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the epan/dissectors/packet-rpki-rtr.c file. This was caused by a failure to validate a length field, which has been addressed. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that includes the validation of the length field to prevent the infinite loop. For Wireshark versions 2.4.0 through 2.4.4, update to a version that includes the validation of the length field to prevent the infinite loop.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the `packet-lltd.c` file, which was caused by an incorrect integer data type. This was addressed by using the correct data type. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that uses the correct integer data type to prevent the infinite loop. For Wireshark versions 2.4.0 through 2.4.4, update to a version that uses the correct integer data type to prevent the infinite loop.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the epan/dissectors/packet-usb.c file. This was caused by not properly handling short frame header lengths, which has been addressed by rejecting such lengths. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that includes the fix for the infinite loop issue in the epan/dissectors/packet-usb.c file. For Wireshark versions 2.4.0 through 2.4.4, update to a version that includes the fix for the infinite loop issue in the epan/dissectors/packet-usb.c file.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the epan/dissectors/packet-thread.c file. This was caused by an incorrect integer data type, which has been addressed by using the correct data type. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that uses the correct integer data type to prevent the infinite loop. For Wireshark versions 2.4.0 through 2.4.4, update to a version that uses the correct integer data type to prevent the infinite loop.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the epan/dissectors/packet-ber.c file, which was resolved by adding length validation. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that includes the fix for the infinite loop in the epan/dissectors/packet-ber.c file. For Wireshark versions 2.4.0 through 2.4.4, update to a version that includes the fix for the infinite loop in the epan/dissectors/packet-ber.c file.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the epan/dissectors/packet-reload.c file, which was addressed by adding length validation. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that includes the fix for the infinite loop in epan/dissectors/packet-reload.c. For Wireshark versions 2.4.0 through 2.4.4, update to a version that includes the fix for the infinite loop in epan/dissectors/packet-reload.c.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The issue is related to an infinite loop in the epan/dissectors/packet-rpcrdma.c file, which was addressed by validating a chunk size. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update to a version that includes the fix for the infinite loop in the epan/dissectors/packet-rpcrdma.c file. For Wireshark versions 2.4.0 through 2.4.4, update to a version that includes the fix for the infinite loop in the epan/dissectors/packet-rpcrdma.c file.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.2.0 through 2.2.12 Wireshark versions 2.4.0 through 2.4.4 **Description** The IEEE 802.11 dissector could crash due to a vulnerability. This issue was addressed by rejecting lengths that are too small in the epan/crypt/airpdcap.c file. **Recommendations** For Wireshark versions 2.2.0 through 2.2.12, update the epan/crypt/airpdcap.c file to reject lengths that are too small. For Wireshark versions 2.4.0 through 2.4.4, update the epan/crypt/airpdcap.c file to reject lengths that are too small.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.0.0 through 2.0.12 Wireshark versions 2.2.0 through 2.2.6 **Description** The Bazaar dissector in Wireshark could enter an infinite loop due to the possibility of backwards parsing. This issue was resolved by modifying the `packet-bzr.c` file in the `epan/dissectors` directory to prevent such parsing. **Recommendations** For Wireshark versions 2.0.0 through 2.0.12, update to a version where the `packet-bzr.c` file has been modified to prevent backwards parsing. For Wireshark versions 2.2.0 through 2.2.6, update to a version where the `packet-bzr.c` file has been modified to prevent backwards parsing.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.0.0 through 2.0.11 Wireshark versions 2.2.0 through 2.2.5 **Description** The RPC over RDMA dissector could enter an infinite loop, triggered by packet injection or a malformed capture file. This issue was addressed by correctly checking for going beyond the maximum offset in the `packet-rpcrdma.c` file. **Recommendations** For Wireshark versions 2.0.0 through 2.0.11, update to a version that includes the fix in `epan/dissectors/packet-rpcrdma.c`. For Wireshark versions 2.2.0 through 2.2.5, update to a version that includes the fix in `epan/dissectors/packet-rpcrdma.c`.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 2.0.0 through 2.0.11 Wireshark versions 2.2.0 through 2.2.5 **Description** The issue arises from the WSP dissector potentially entering an infinite loop. This can be triggered by either packet injection or a malformed capture file. **Recommendations** For Wireshark versions 2.0.0 through 2.0.11, update to a version where the length check has been added to epan/dissectors/packet-wsp.c to prevent the infinite loop. For Wireshark versions 2.2.0 through 2.2.5, update to a version where the length check has been added to epan/dissectors/packet-wsp.c to prevent the infinite loop.