CVE-2021-4184
published 2021-12-30CVE-2021-4184: Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | wireshark | < wireshark 3.6.2-1 (bookworm) | wireshark 3.6.2-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| chrome_chrome | — | — | |
| msrc | cbl2_wireshark_3.4.14-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| oracle | http_server | — | — |
| oracle | http_server | — | — |
| oracle | zfs_storage_appliance_kit | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 3.4.16-0+deb11u1 | 3.4.16-0+deb11u1 |
| wireshark | wireshark | >= 0 < 3.6.2-1 | 3.6.2-1 |
| wireshark | wireshark | >= 0 < 3.6.2-1 | 3.6.2-1 |
| wireshark | wireshark | >= 0 < 3.6.2-1 | 3.6.2-1 |
| wireshark | wireshark | 3.4.0 – 3.4.10 | — |
| wireshark_foundation | wireshark | — | — |
| wireshark_foundation | wireshark | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH