CVE-2017-7705

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-7705

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7705.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-7705

Related

Published

2017-04-12T23:59:00Z

Modified

2024-09-18T02:55:32.699749Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.

References

Affected packages

Alpine:v3.5 / wireshark

Package

Name: wireshark
Purl: pkg:apk/alpine/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6-r0

Affected versions

1.*

1.2.1-r0

1.2.2-r0

1.2.4-r0

1.2.6-r0

1.2.6-r1

1.2.6-r2

1.2.8-r0

1.2.9-r0

1.2.10-r0

1.4.0-r0

1.4.1-r0

1.4.2-r0

1.4.3-r0

1.4.4-r0

1.4.5-r0

1.4.6-r0

1.4.7-r0

1.6.0-r0

1.6.0-r1

1.6.1-r0

1.6.2-r0

1.6.3-r0

1.6.4-r0

1.6.5-r0

1.6.6-r0

1.6.6-r1

1.6.8-r0

1.6.8-r1

1.8.1-r0

1.8.2-r0

1.8.3-r0

1.8.4-r0

1.8.5-r0

1.8.6-r0

1.8.7-r0

1.10.0-r0

1.10.1-r0

1.10.2-r0

1.10.2-r1

1.10.3-r0

1.10.3-r1

1.10.4-r0

1.10.5-r0

1.10.5-r1

1.10.6-r0

1.10.7-r0

1.10.8-r0

1.12.0-r0

1.12.0-r1

1.12.1-r0

1.12.1-r1

1.12.2-r0

1.12.3-r0

1.12.4-r0

1.12.4-r1

1.12.5-r0

1.12.7-r0

1.12.8-r0

2.*

2.0.0-r0

2.0.1-r0

2.0.2-r0

2.0.3-r0

2.0.4-r0

2.0.5-r0

2.2.0-r0

2.2.0-r1

2.2.2-r0

2.2.3-r0

2.2.4-r0

2.2.4-r1

2.2.5-r0

Debian:11 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6+g32dac6a-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6+g32dac6a-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.6+g32dac6a-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0ad795bc8c4e98c9cd49b5609df19ccce2640666

Last affected

440fd4d501cf0e5aa319a97d0f874641d733e4a1

Last affected

5368c50be46d4a44986d12bdfc0a35b42c0f34fc

Last affected

57531cdd46cf170524c1fbbfd2c44132bb36e7c6

Last affected

59ea380c69dca2bc2f97fa97c1bf410bbcd2411c

Last affected

611e0b78a0b93c1e29fd9a629ad4e91994ae1b13

Last affected

775fb085cdfebafa565c5b428f0a130d82dbefcb

Last affected

9a73b827b22c7ce9132e939b9f07ec4425fc2aa6

Last affected

9af92735baf48cac9779176a9319f6a5c1115cb6

Last affected

a16e22ed9cbbc599fe8b7b8e40a6696a0138c489

Last affected

a3be9c6de540ae1fade63568cc77d928b3c52ef7

Last affected

a6fbd278e2d72ed3524995464c86929b51867802

Last affected

b2423a12c30165075e9d0d033da7d562e0efc05b

Last affected

cc3dc1b648d341a489fb95faef3795d8cb2b6192

Last affected

d0e42d78193cfacd1022656cd8dad7fc222e6dbc

Last affected

daac0f493f09ff68e194a30bf0f5318db96b99cd

Last affected

dd7746e6f1b034048cd986ca6f44291e712cc1fc

Last affected

eed34f0ac6696c053585ddf75c5805b3d5b395cf

Affected versions

2.*

2.2.1rc0

Other

backups/ethereal@18706

ethereal-0-3-15

start

ethereal-0.*

ethereal-0.3.15

v1.*

v1.11.0

v1.11.0-rc1

v1.11.1

v1.11.1-rc1

v1.11.2

v1.11.2-rc1

v1.11.3

v1.11.3-rc1

v1.11.4-rc1

v1.99.0

v1.99.0-rc1

v1.99.1

v1.99.10rc0

v1.99.1rc0

v1.99.2

v1.99.2rc0

v1.99.3

v1.99.3rc0

v1.99.4

v1.99.4rc0

v1.99.5

v1.99.5rc0

v1.99.6

v1.99.6rc0

v1.99.7

v1.99.7rc0

v1.99.8

v1.99.8rc0

v1.99.9

v1.99.9rc0

v2.*

v2.0.0

v2.0.0rc0

v2.0.0rc1

v2.0.0rc2

v2.0.0rc3

v2.0.1

v2.0.10

v2.0.10rc0

v2.0.1rc0

v2.0.2

v2.0.2rc0

v2.0.3

v2.0.3rc0

v2.0.4

v2.0.4rc0

v2.0.5

v2.0.5rc0

v2.0.6

v2.0.6rc0

v2.0.7

v2.0.7rc0

v2.0.8

v2.0.8rc0

v2.0.9

v2.0.9rc0

v2.1.0

v2.1.0rc0

v2.1.1

v2.1.1rc0

v2.1.2rc0

v2.2.0

v2.2.0rc0

v2.2.0rc1

v2.2.0rc2

v2.2.1

v2.2.1rc0

v2.2.2

v2.2.2rc0

v2.2.3

v2.2.3rc0

v2.2.4

v2.2.4rc0

v2.2.5

v2.2.5rc0

wireshark-1.*

wireshark-1.11.3

wireshark-1.99.0

wireshark-1.99.1

wireshark-1.99.2

wireshark-1.99.3

wireshark-1.99.4

wireshark-1.99.5

wireshark-1.99.6

wireshark-1.99.7

wireshark-1.99.8

wireshark-1.99.9

wireshark-2.*

wireshark-2.0.0

wireshark-2.0.1

wireshark-2.0.10

wireshark-2.0.2

wireshark-2.0.3

wireshark-2.0.4

wireshark-2.0.5

wireshark-2.0.6

wireshark-2.0.7

wireshark-2.0.8

wireshark-2.0.9

wireshark-2.1.0

wireshark-2.1.1

wireshark-2.2.0

wireshark-2.2.0rc1

wireshark-2.2.0rc2

wireshark-2.2.1

wireshark-2.2.2

wireshark-2.2.3

wireshark-2.2.4

wireshark-2.2.5