CVE-2023-6174 — Out-of-bounds Read in Foundation Wireshark

Severity

6.5MEDIUMNVD

CNA6.3

EPSS

0.1%

top 67.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 16

Description

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

▶Debianwireshark/wireshark< 4.0.11-1~deb12u1+2

▶NVDwireshark/wireshark4.0.0 — 4.0.10

Also affects: Debian Linux 12.0

OSV

CVE-2023-6174: SSH dissector crash in Wireshark 4↗2023-11-16

▶

CVEList

Out-of-bounds Read in Wireshark↗2023-11-16

▶

GHSA

GHSA-xx79-4755-jq22: SSH dissector crash in Wireshark 4↗2023-11-16

▶

Red Hat

wireshark: SSH dissector invalid read of memory blocks↗2023-11-15

▶

Microsoft

Out-of-bounds Read in Wireshark↗2023-11-14

▶

Debian

CVE-2023-6174: wireshark - SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via pa...↗2023

▶