2023-01-18
ALT-BU-2023-2231-1
Branch c9f2 update bulletin.
Closed vulnerabilities
Published: 2022-09-13
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-3190
Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3190.json
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3190.json
- https://gitlab.com/wireshark/wireshark/-/issues/18307
- https://gitlab.com/wireshark/wireshark/-/issues/18307
- FEDORA-2022-9d4aa8a486
- FEDORA-2022-9d4aa8a486
- FEDORA-2022-1f2fbb087e
- FEDORA-2022-1f2fbb087e
- https://www.wireshark.org/security/wnpa-sec-2022-06.html
- https://www.wireshark.org/security/wnpa-sec-2022-06.html
Published: 2022-10-27
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-3725
Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3725.json
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3725.json
- https://gitlab.com/wireshark/wireshark/-/issues/18378
- https://gitlab.com/wireshark/wireshark/-/issues/18378
- FEDORA-2022-cf9ae8e4ff
- FEDORA-2022-cf9ae8e4ff
- GLSA-202309-02
- GLSA-202309-02
- https://www.wireshark.org/security/wnpa-sec-2022-07.html
- https://www.wireshark.org/security/wnpa-sec-2022-07.html
Published: 2023-01-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-4344
Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file
Severity: MEDIUM (4.3)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
References:
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4344.json
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4344.json
- FEDORA-2023-9ddb9b9757
- FEDORA-2023-9ddb9b9757
- FEDORA-2023-f9e2ad8b73
- FEDORA-2023-f9e2ad8b73
- https://www.wireshark.org/security/wnpa-sec-2022-10.html
- https://www.wireshark.org/security/wnpa-sec-2022-10.html
Published: 2023-01-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4345.json
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4345.json
- [debian-lts-announce] 20230208 [SECURITY] [DLA 3313-1] wireshark security update
- [debian-lts-announce] 20230208 [SECURITY] [DLA 3313-1] wireshark security update
- FEDORA-2023-9ddb9b9757
- FEDORA-2023-9ddb9b9757
- FEDORA-2023-f9e2ad8b73
- FEDORA-2023-f9e2ad8b73
- https://www.wireshark.org/security/wnpa-sec-2022-09.html
- https://www.wireshark.org/security/wnpa-sec-2022-09.html