CVE-2023-0668 — Out-of-bounds Read in Wireshark

CWE-125 — Out-of-bounds Read CWE-787 — Out-of-bounds Write6 documents6 sources

Severity

6.5MEDIUMNVD

EPSS

1.4%

top 19.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Wireshark Foundation Wireshark Debian Linux

Timeline

PublishedJun 7

Description

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶NVDwireshark/wireshark3.6.0 — 3.6.14+1

▶Debianwireshark/wireshark< 3.4.16-0+deb11u1+3

▶CVEListV5wireshark_foundation/wireshark4.0.0 — 4.0.5+1

Also affects: Debian Linux 12.0

🔴Vulnerability Details

OSV

CVE-2023-0668: Due to failure in validating the length provided by an attacker-crafted IEEE-C37↗2023-06-07

▶

CVEList

Wireshark IEEE-C37.118 parsing buffer overflow↗2023-06-07

▶

GHSA

GHSA-4794-8fm9-wmp3: Due to failure in validating the length provided by an attacker-crafted IEEE-C37↗2023-06-07

▶

📋Vendor Advisories

Red Hat

wireshark: IEEE C37.118 Synchrophasor dissector crash↗2023-05-18

▶

Debian

CVE-2023-0668: wireshark - Due to failure in validating the length provided by an attacker-crafted IEEE-C37...↗2023

▶