Description A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Distributed Relational Database Architecture (DRDA) dissector (epan/dissectors/packet-drda.c) and can be exploited to cause an infinite loop and consume CPU resources via a specially crafted packet. The vulnerability is reported in version 1.8.2. Other versions may also be affected. Solution Fixed in the source code repository. Provided and/or discovered by Reported by Martin Wilck via a bug report. Original Advisory Wireshark: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44749
CVE-2012-3548 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3548): The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.
Upstream is taking much too long. The patch hasn't been back-ported (whitespace fixes, really) to the 1.6 branch, there is no 1.9 out yet, and no fixed 1.8 release yet. Arch teams, please test and mark stable: =net-analyzer/wireshark-1.6.10-r2 =net-analyzer/wireshark-1.8.2-r2 Stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86
x86 done.
Stable for HPPA.
amd64 stable
alpha/ia64/sparc stable
ppc64 stable
stable ppc
Thanks, everyone. Since it is just 1 CVE, I added it on to the existing GLSA draft.
This issue was resolved and addressed in GLSA 201308-05 at http://security.gentoo.org/glsa/glsa-201308-05.xml by GLSA coordinator Sergey Popov (pinkbyte).