CVE-2023-3648: Mismatched Memory Management Routines in Foundation Wireshark

Severity: 5.5 MEDIUM (NVD), CNA 5.3
EPSS: 0.0% (top 95.03%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 14

Description

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (3 packages)

CVEListV5 | wireshark_foundation/wireshark | 4.0.0 | 4.0.7 | +1
Debian | wireshark/wireshark | < 3.4.16-0+deb11u1 | +3
NVD | wireshark/wireshark | 3.6.0 | 3.6.14 | +1

🔴 Vulnerability Details (3)

CVEList: Mismatched Memory Management Routines in Wireshark (2023-07-14)
GHSA: GHSA-r7p8-qf55-r286: Kafka dissector crash in Wireshark 4 (2023-07-14)
OSV: CVE-2023-3648: Kafka dissector crash in Wireshark 4 (2023-07-14)

📋 Vendor Advisories (1)

Debian: CVE-2023-3648: wireshark - Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows den... (2023)