CVE-2020-11647: 
Wireshark vulnerability analysis and mitigation

The vulnerability CVE-2020-11647 affects Wireshark versions 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15. The vulnerability was discovered by the OSS-Fuzz project and disclosed on April 8, 2020. It involves a potential crash in the BACapp dissector component of Wireshark, a popular network protocol analyzer (Wireshark Security, CVE Details).

The vulnerability stems from excessive recursion in the BACapp dissector component within the epan/dissectors/packet-bacapp.c file. This issue was addressed by implementing limits on the amount of recursion allowed in the dissector's processing (CVE Mitre). The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High), with attack vector: Network, attack complexity: Low, privileges required: None, user interaction: None, scope: Unchanged, and impact primarily affecting availability (Ubuntu Security).

The primary impact of this vulnerability is the potential for a Denial of Service (DoS) condition. When exploited, it can cause Wireshark to crash while processing malformed packets (Gentoo Security).

The vulnerability was patched in Wireshark versions 3.2.3, 3.0.10, and 2.6.16. Users are advised to upgrade to these or later versions to mitigate the vulnerability. The fix involves implementing limitations on recursion in the BACapp dissector (Wireshark Security).