Wireshark OpenFlow v5 Protocol Dissector Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in the OpenFlow v5 protocol dissector of Wireshark. This issue, present in versions 4.6.0 through 4.6.4 and 4.4.0 through 4.4.14, arises from the dissector's handling of zero-length actions, which can cause infinite loops and excessive CPU consumption. The vulnerability can be triggered by injecting malformed packets or by convincing a user to open a packet trace file containing the crafted data.

Impact

Exploitation of this vulnerability leads to infinite loops within the OpenFlow v5 dissector, causing crashes and excessive CPU usage.

Reproduction

The vulnerability can be reproduced by using TShark, Wireshark's command-line counterpart, to read a crafted pcap file that contains OpenFlow v5 packets with specific characteristics that trigger the infinite loop. This can be done by using the '-o ip.defragment:FALSE' option to prevent IP defragmentation, which is important for correctly processing the OpenFlow v5 messages.

Remediation

Users are advised to upgrade to Wireshark versions 4.6.5, 4.4.15 or later.