CVE-2024-24478 — Integer Overflow to Buffer Overflow in Wireshark

CWE-680 — Integer Overflow to Buffer Overflow CWE-190 — Integer Overflow or Wraparound6 documents6 sources

Severity

7.5HIGHNVD

EPSS

0.3%

top 48.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

3

Wireshark Debian Wireshark Msrc Azl3 Wireshark 4.4.7-1 ON Azure Linux 3.0

Timeline

PublishedFeb 21

Description

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDwireshark/wireshark< 4.2.0

▶debiandebian/wireshark

▶msrcmsrc/azl3_wireshark_4.4.7-1_on_azure_linux_3.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

2

GHSA

GHSA-q2p3-j458-f7vv: An issue in Wireshark team Wireshark before v↗2024-02-21

▶

OSV

CVE-2024-24478: ** DISPUTED ** An issue in Wireshark before 4↗2024-02-21

▶

📋Vendor Advisories

3

Red Hat

wireshark: integer overflow in dissect_bgp_open() in epan/dissectors/packet-bgp.c↗2024-02-21

▶

Microsoft

An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NO↗2024-02-13

▶

Debian

CVE-2024-24478: wireshark - An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of...↗2024

▶