CVE Vulnerabilities

CVE-2018-7328

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: Feb 23, 2018 | Modified: Nov 07, 2023
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name Vendor Start Version End Version
Wireshark Wireshark 2.2.0 (including) 2.2.12 (including)
Wireshark Wireshark 2.4.0 (including) 2.4.4 (including)
Wireshark Ubuntu artful *
Wireshark Ubuntu bionic *
Wireshark Ubuntu trusty *
Wireshark Ubuntu upstream *
Wireshark Ubuntu xenial *

References