CVE-2022-3190 — Infinite Loop in Wireshark

CWE-835 — Infinite Loop8 documents7 sources

Severity

5.5MEDIUMNVD

OSV7.5

EPSS

0.0%

top 94.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark Sharkfest Foundation Wireshark +2 more

Timeline

PublishedSep 13

Latest updateJun 4

Description

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

▶debiandebian/wireshark< wireshark 3.6.8-1 (bookworm)

▶NVDwireshark/wireshark3.4.0 — 3.4.16+1

▶Debianwireshark/wireshark< 3.4.16-0+deb11u1+3

▶Ubuntuwireshark/wireshark< 2.6.10-1~ubuntu14.04.0~esm3+4

▶CVEListV5sharkfest_foundation/wireshark>=3.4.0, <3.4.16, >=3.6.0, <3.6.8+1

Also affects: Fedora 36, 37

🔴Vulnerability Details

OSV

wireshark vulnerabilities↗2025-06-04

▶

GHSA

GHSA-h8c6-fw25-mvvx: Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3↗2022-09-14

▶

OSV

CVE-2022-3190: Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3↗2022-09-13

▶

📋Vendor Advisories

Ubuntu

Wireshark vulnerabilities↗2025-06-04

▶

Red Hat

wireshark: f5ethtrailer Infinite loop in legacy style dissector↗2022-09-13

▶

Microsoft

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file↗2022-09-13

▶

Debian

CVE-2022-3190: wireshark - Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 t...↗2022

▶