CVE-2017-6470 : What You Need to Know

Wireshark versions 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10 were affected by an infinite loop issue in the packet-iax2.c file. This vulnerability has been resolved.

Understanding CVE-2017-6470

This CVE entry addresses a specific vulnerability in Wireshark versions 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10.

What is CVE-2017-6470?

In Wireshark versions 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, an infinite loop vulnerability existed in the packet-iax2.c file, which could be triggered by packet injection or improperly formatted capture files. The fix involved implementing restrictions on packet lateness.

The Impact of CVE-2017-6470

This vulnerability could potentially lead to denial of service or other security compromises by causing Wireshark to enter an infinite loop, consuming excessive resources.

Technical Details of CVE-2017-6470

Wireshark versions 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10 were affected by this vulnerability.

Vulnerability Description

The issue resided in the packet-iax2.c file, allowing for an infinite loop when processing packets.

Affected Systems and Versions

Wireshark versions 2.2.0 to 2.2.4
Wireshark versions 2.0.0 to 2.0.10

Exploitation Mechanism

The vulnerability could be exploited through packet injection or the use of improperly formatted capture files.

Mitigation and Prevention

It is crucial to take immediate steps to address and prevent the exploitation of this vulnerability.

Immediate Steps to Take

Update Wireshark to the latest patched version.
Avoid opening suspicious or untrusted capture files.

Long-Term Security Practices

Regularly update Wireshark and other software to patch known vulnerabilities.
Implement network segmentation to limit the impact of potential attacks.

Patching and Updates

Ensure that Wireshark is regularly updated to the latest version containing security patches.