CVE-2021-4185: Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

high7.5CVSS 3.1

AVNACLPRNUINSUCNINAH

Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

24 ranges

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	wireshark	< wireshark 3.6.2-1 (bookworm)	wireshark 3.6.2-1 (bookworm)
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
google	chrome_chrome	—	—
msrc	cbl2_wireshark_3.4.14-1_on_cbl_mariner_2.0	—	—
msrc	cbl_mariner_2.0_arm	—	—
msrc	cbl_mariner_2.0_x64	—	—
oracle	http_server	—	—
oracle	http_server	—	—
oracle	zfs_storage_appliance_kit	—	—
wireshark	wireshark	—	—
wireshark	wireshark	>= 0 < 3.4.16-0+deb11u1	3.4.16-0+deb11u1
wireshark	wireshark	>= 0 < 3.6.2-1	3.6.2-1
wireshark	wireshark	>= 0 < 3.6.2-1	3.6.2-1
wireshark	wireshark	>= 0 < 3.6.2-1	3.6.2-1
wireshark	wireshark	>= 0 < 2.6.10-1~ubuntu14.04.0~esm3	2.6.10-1~ubuntu14.04.0~esm3
wireshark	wireshark	>= 0 < 2.6.10-1~ubuntu16.04.0+esm2	2.6.10-1~ubuntu16.04.0+esm2
wireshark	wireshark	>= 0 < 2.6.10-1~ubuntu18.04.0+esm2	2.6.10-1~ubuntu18.04.0+esm2
wireshark	wireshark	>= 0 < 3.2.3-1ubuntu0.1~esm2	3.2.3-1ubuntu0.1~esm2
wireshark	wireshark	>= 0 < 3.6.2-2ubuntu0.1~esm1	3.6.2-2ubuntu0.1~esm1
wireshark	wireshark	>= 3.4.0 < 3.4.11	3.4.11
wireshark_foundation	wireshark	—	—
wireshark_foundation	wireshark	—	—

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

osv7.5HIGH