BDU:2023-05022

Уязвимость компонента CP2179 анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

CVE-2023-2906

Published: 2023-08-26
Modified: 2025-02-13

CVE-2023-2906

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Published: 2023-08-24
Modified: 2024-11-21

CVE-2023-4511

BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Published: 2023-08-24
Modified: 2024-11-21

CVE-2023-4512

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Published: 2023-08-24
Modified: 2024-11-21

CVE-2023-4513

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Version: 2.1.0

Package wireshark update in sisyphus_riscv64 on 2023-09-15

ALT-PU-2023-5690-1

Closed vulnerabilities

BDU:2023-05022

CVE-2023-2906

CVE-2023-4511

CVE-2023-4512

CVE-2023-4513