bpv6 (Bundle) dissector int underflow/overflow leads to inf loop - denial of service

Summary

In the bpv6 protocol evaluate_sdnv function might return negative number which will be used in arithmetic for loop index

My short investigation concludes that all loop around these items are affected:

Please see the attached pcap as an example for the loop around hf_block_ciphersuite_result_type. bundle.block.ciphersuite_result_type.pcap

TShark (Wireshark) 3.7.0 (v3.7.0rc0-844-g14a1dfbe1083)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information