CVE-2021-39923 — Excessive Iteration in Wireshark

CWE-834 — Excessive Iteration CWE-476 — NULL Pointer Dereference CWE-400 — Uncontrolled Resource Consumption7 documents7 sources

Severity

7.5HIGHNVD

EPSS

2.3%

top 15.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Wireshark Foundation Wireshark Debian Linux

Timeline

PublishedNov 19

Latest updateNov 20

Description

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶Debianwireshark/wireshark< 3.4.10-0+deb11u1+3

▶NVDwireshark/wireshark3.2.0 — 3.2.17+1

▶CVEListV5wireshark_foundation/wireshark>=3.2.0, <3.2.18, >=3.4.0, <3.4.10+1

Also affects: Debian Linux 10.0, 11.0, 9.0

Patches

Patch: gitlab.com ↗Patch: gitlab.com ↗

🔴Vulnerability Details

GHSA

GHSA-v75m-35ph-56m2: NULL pointer exception in the IPPUSB dissector in Wireshark 3↗2021-11-20

▶

CVEList

CVE-2021-39923: Large loop in the PNRP dissector in Wireshark 3↗2021-11-19

▶

OSV

CVE-2021-39923: Large loop in the PNRP dissector in Wireshark 3↗2021-11-19

▶

📋Vendor Advisories

Red Hat

wireshark: PNRP dissector large loop↗2021-11-17

▶

Microsoft

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file↗2021-11-09

▶

Debian

CVE-2021-39923: wireshark - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17...↗2021

▶