ArchLinux: 202011-13: wireshark-cli: denial of service
Summary
A resource exhaustion issue has been found in the GQUIC decoder of Wireshark before 3.2.8.
Resolution
Upgrade to 3.4.0-1.
# pacman -Syu "wireshark-cli>=3.4.0-1"
The problem has been fixed upstream in version 3.4.0.
References
https://www.wireshark.org/security/wnpa-sec-2020-15.html https://gitlab.com/wireshark/wireshark/-/issues/16887 https://gitlab.com/wireshark/wireshark/-/commit/b287e7165e8aa89cde6ae37e7c257c5d87d16b9b https://security.archlinux.org/CVE-2020-28030
Workaround
None.