wireshark: NFS dissector crash (CVE-2020-13164)
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.
Fixed In Version:
wireshark 3.2.4, 3.0.11, 2.6.17
References:
- https://www.wireshark.org/security/wnpa-sec-2020-08.html
- https://nvd.nist.gov/vuln/detail/CVE-2020-13164
Affected branches:
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information