CVE-2021-4182
published 2021-12-30CVE-2021-4182: Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 3.6.2-1 (bookworm) | wireshark 3.6.2-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| msrc | cbl2_wireshark_3.4.14-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| oracle | http_server | — | — |
| oracle | http_server | — | — |
| oracle | zfs_storage_appliance_kit | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 3.4.16-0+deb11u1 | 3.4.16-0+deb11u1 |
| wireshark | wireshark | >= 0 < 3.6.2-1 | 3.6.2-1 |
| wireshark | wireshark | >= 0 < 3.6.2-1 | 3.6.2-1 |
| wireshark | wireshark | >= 0 < 3.6.2-1 | 3.6.2-1 |
| wireshark | wireshark | >= 0 < 2.6.10-1~ubuntu14.04.0~esm3 | 2.6.10-1~ubuntu14.04.0~esm3 |
| wireshark | wireshark | >= 0 < 2.6.10-1~ubuntu16.04.0+esm2 | 2.6.10-1~ubuntu16.04.0+esm2 |
| wireshark | wireshark | >= 0 < 2.6.10-1~ubuntu18.04.0+esm2 | 2.6.10-1~ubuntu18.04.0+esm2 |
| wireshark | wireshark | >= 0 < 3.2.3-1ubuntu0.1~esm2 | 3.2.3-1ubuntu0.1~esm2 |
| wireshark | wireshark | >= 0 < 3.6.2-2ubuntu0.1~esm1 | 3.6.2-2ubuntu0.1~esm1 |
| wireshark | wireshark | >= 3.4.0 < 3.4.11 | 3.4.11 |
| wireshark_foundation | wireshark | — | — |
| wireshark_foundation | wireshark | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH