CVE-2016-9372 — Improper Input Validation in Wireshark

CWE-20 — Improper Input Validation CWE-3996 documents6 sources

Severity

5.9MEDIUMNVD

EPSS

0.4%

top 40.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark

Timeline

PublishedNov 17

Latest updateMay 17

Description

In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 2.2.2+g9c5aae3-1 (bookworm)

▶Debianwireshark/wireshark< 2.2.2+g9c5aae3-1+3

▶NVDwireshark/wireshark2.2.0, 2.2.1+1

🔴Vulnerability Details

GHSA

GHSA-j9pp-495j-qm96: In Wireshark 2↗2022-05-17

▶

OSV

CVE-2016-9372: In Wireshark 2↗2016-11-17

▶

📋Vendor Advisories

Red Hat

wireshark: Profinet I/O dissector long loop (wnpa-sec-2016-58)↗2016-11-16

▶

Debian

CVE-2016-9372: wireshark - In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, ...↗2016

▶

💬Community

Bugzilla

CVE-2016-9372 wireshark: Profinet I/O dissector long loop (wnpa-sec-2016-58)↗2016-11-18

▶