CVE-2023-2858 — Out-of-bounds Write in Wireshark

CWE-787 — Out-of-bounds Write CWE-122 — Heap-based Buffer Overflow CWE-364 — Signal Handler Race Condition10 documents7 sources

Severity

6.5MEDIUMNVD

CNA5.3

EPSS

0.1%

top 82.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Wireshark Foundation Wireshark Debian Linux

Timeline

PublishedMay 26

Latest updateDec 24

Description

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

▶NVDwireshark/wireshark3.6.0 — 3.6.14+1

▶Debianwireshark/wireshark< 3.4.16-0+deb11u1+3

▶CVEListV5wireshark_foundation/wireshark>=3.6.0, <3.6.14, >=4.0.0, <4.0.6+1

Also affects: Debian Linux 10.0, 12.0

Patches

Patch: gitlab.com ↗Patch: gitlab.com ↗

🔴Vulnerability Details

OSV

net: prevent skb corruption on frag list segmentation↗2025-12-24

▶

OSV

CVE-2023-2858: NetScaler file parser crash in Wireshark 4↗2023-05-26

▶

GHSA

GHSA-wcmq-57jj-6qwc: NetScaler file parser crash in Wireshark 4↗2023-05-26

▶

CVEList

CVE-2023-2858: NetScaler file parser crash in Wireshark 4↗2023-05-26

▶

📋Vendor Advisories

Red Hat

kernel: bpf: Skip task with pid=1 in send_signal_common()↗2025-03-27

▶

Red Hat

wireshark: NetScaler file parser crash↗2023-05-17

▶

Debian

CVE-2023-2858: wireshark - NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allo...↗2023

▶