CVE-2021-22173
published 2021-02-17CVE-2021-22173: Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 3.4.3-1 (bookworm) | wireshark 3.4.3-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| oracle | zfs_storage_appliance | — | — |
| the_wireshark_foundation | wireshark | — | — |
| wireshark | wireshark | >= 0 < 3.4.3-1 | 3.4.3-1 |
| wireshark | wireshark | >= 0 < 3.4.3-1 | 3.4.3-1 |
| wireshark | wireshark | >= 0 < 3.4.3-1 | 3.4.3-1 |
| wireshark | wireshark | >= 0 < 3.4.3-1 | 3.4.3-1 |
| wireshark | wireshark | >= 3.4.0 < 3.4.3 | 3.4.3 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH