Infinite loop in collectd (Alpine package)

Published: 2017-02-22

Risk	Medium
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2017-6014
CWE-ID	CWE-835
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	collectd (Alpine package) Operating systems & Components / Operating system package or component
Vendor	Alpine Linux Development Team

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Infinite loop

EUVDB-ID: #VU33263

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-6014

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

collectd (Alpine package): 5.5.1-r0 - 5.6.2-r1

collectd (Alpine package):

CPE2.3

External links

https://git.alpinelinux.org/aports/commit/?id=012e5b8ddaa5ad3353e0df651fd6b2f2097705ab
https://git.alpinelinux.org/aports/commit/?id=0fc0564f72ef78608f8a2d377d95facb4c388545
https://git.alpinelinux.org/aports/commit/?id=0713e068b75f53010649e8267a305b58a821f197
https://git.alpinelinux.org/aports/commit/?id=072fede08fb5b21fc94d4175e7b9d3a2959c7328

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.