In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26575
Reference (s):
- https://www.wireshark.org/security/wnpa-sec-2020-14.html
- URL: https://www.wireshark.org/security/wnpa-sec-2020-14.html
- FEDORA:FEDORA-2020-4cff262f07
- URL: https://lists.fedoraproject.org/archives/list/[email protected]/message/UHZSVK7PO2LTGFQXFHFXY6SOMSQ7UPRS/
- FEDORA:FEDORA-2020-d4344dd12f