CVE-2023-4512 — Uncontrolled Recursion in Foundation Wireshark

Severity

7.5HIGHNVD

CNA5.3

EPSS

0.0%

top 87.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 24

Description

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

▶Debianwireshark/wireshark< 3.4.16-0+deb11u1+3

▶NVDwireshark/wireshark4.0.0 — 4.0.7

GHSA

GHSA-g65w-25m5-5gcg: CBOR dissector crash in Wireshark 4↗2023-08-24

▶

OSV

CVE-2023-4512: CBOR dissector crash in Wireshark 4↗2023-08-24

▶

CVEList

Uncontrolled Recursion in Wireshark↗2023-08-24

▶

Red Hat

wireshark: DoS (crash) via packet injection or crafted capture file↗2023-08-24

▶

Debian

CVE-2023-4512: wireshark - CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via pa...↗2023

▶