Action not permitted
Modal body text goes here.
Modal Title
Modal Body
alsa-2023:6469
Vulnerability from osv_almalinux
Published
2023-11-07 00:00
Modified
2023-11-14 12:06
Summary
Moderate: wireshark security update
Details
The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network.
Security Fix(es):
- wireshark: RTPS dissector crash (CVE-2023-0666)
- wireshark: IEEE C37.118 Synchrophasor dissector crash (CVE-2023-0668)
- wireshark: Candump log file parser crash (CVE-2023-2855)
- wireshark: VMS TCPIPtrace file parser crash (CVE-2023-2856)
- wireshark: NetScaler file parser crash (CVE-2023-2858)
- wireshark: XRA dissector infinite loop (CVE-2023-2952)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "wireshark"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.4.10-6.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "wireshark-cli"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.4.10-6.el9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "wireshark-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.4.10-6.el9"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network.\n\nSecurity Fix(es):\n\n* wireshark: RTPS dissector crash (CVE-2023-0666)\n* wireshark: IEEE C37.118 Synchrophasor dissector crash (CVE-2023-0668)\n* wireshark: Candump log file parser crash (CVE-2023-2855)\n* wireshark: VMS TCPIPtrace file parser crash (CVE-2023-2856)\n* wireshark: NetScaler file parser crash (CVE-2023-2858)\n* wireshark: XRA dissector infinite loop (CVE-2023-2952)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2023:6469",
"modified": "2023-11-14T12:06:10Z",
"published": "2023-11-07T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:6469"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0666"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0668"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-2855"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-2856"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-2858"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-2952"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2210822"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2210824"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2210829"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2210832"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2210835"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2211406"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2023-6469.html"
}
],
"related": [
"CVE-2023-0666",
"CVE-2023-0668",
"CVE-2023-2855",
"CVE-2023-2856",
"CVE-2023-2858",
"CVE-2023-2952"
],
"summary": "Moderate: wireshark security update"
}
CVE-2023-0666 (GCVE-0-2023-0666)
Vulnerability from cvelistv5 – Published: 2023-06-07 02:25 – Updated: 2025-11-03 21:47
VLAI
EPSS
Title
Wireshark RTPS Parsing Buffer Overflow
Summary
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
Severity
6.5 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://takeonme.org/cves/CVE-2023-0666.html | third-party-advisory |
| https://gitlab.com/wireshark/wireshark/-/issues/19085 | issue-tracking |
| https://www.wireshark.org/docs/relnotes/wireshark… | release-notes |
| https://www.wireshark.org/security/wnpa-sec-2023-… | vendor-advisory |
| https://www.debian.org/security/2023/dsa-5429 | |
| https://security.gentoo.org/glsa/202309-02 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark |
Affected:
4.0.0 , ≤ 4.0.5
(semver)
Unaffected: 4.0.6 |
Date Public
2023-05-22 19:04
Credits
Austin Hackers Anonymous!
Austin Hackers Anonymous!
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:47:00.575Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://takeonme.org/cves/CVE-2023-0666.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19085"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2023-18.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-02"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-0666",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T15:03:01.838531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T15:03:06.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"lessThanOrEqual": "4.0.5",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "4.0.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Austin Hackers Anonymous!"
},
{
"lang": "en",
"type": "coordinator",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Austin Hackers Anonymous!"
}
],
"datePublic": "2023-05-22T19:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark."
}
],
"value": "Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T06:06:20.490Z",
"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"shortName": "AHA"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://takeonme.org/cves/CVE-2023-0666.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19085"
},
{
"tags": [
"release-notes"
],
"url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2023-18.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"url": "https://security.gentoo.org/glsa/202309-02"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Wireshark RTPS Parsing Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"assignerShortName": "AHA",
"cveId": "CVE-2023-0666",
"datePublished": "2023-06-07T02:25:27.974Z",
"dateReserved": "2023-02-03T22:06:14.542Z",
"dateUpdated": "2025-11-03T21:47:00.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-0668 (GCVE-0-2023-0668)
Vulnerability from cvelistv5 – Published: 2023-06-07 02:32 – Updated: 2025-11-03 21:47
VLAI
EPSS
Title
Wireshark IEEE-C37.118 parsing buffer overflow
Summary
Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
Severity
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://takeonme.org/cves/CVE-2023-0668.html | third-party-advisory |
| https://gitlab.com/wireshark/wireshark/-/issues/19087 | issue-tracking |
| https://www.wireshark.org/docs/relnotes/wireshark… | release-notes |
| https://www.wireshark.org/security/wnpa-sec-2023-… | vendor-advisory |
| https://www.debian.org/security/2023/dsa-5429 | |
| https://security.gentoo.org/glsa/202309-02 |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark |
Affected:
4.0.0 , ≤ 4.0.5
(semver)
Unaffected: 4.0.6 Affected: 3.6.0 , ≤ 3.6.13 (semver) Unaffected: 3.6.14 |
Date Public
2023-05-22 19:04
Credits
zenofex
WanderingGlitch
Austin Hackers Anonymous!
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:47:03.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://takeonme.org/cves/CVE-2023-0668.html"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19087"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2023-19.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-02"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-0668",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-07T14:58:27.192178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-07T14:59:00.663Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"lessThanOrEqual": "4.0.5",
"status": "affected",
"version": "4.0.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "4.0.6"
},
{
"lessThanOrEqual": "3.6.13",
"status": "affected",
"version": "3.6.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "3.6.14"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "zenofex"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "WanderingGlitch"
},
{
"lang": "en",
"type": "coordinator",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Austin Hackers Anonymous!"
}
],
"datePublic": "2023-05-22T19:04:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark."
}
],
"value": "Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark."
}
],
"impacts": [
{
"capecId": "CAPEC-540",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-540 Overread Buffers"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T06:06:13.594Z",
"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"shortName": "AHA"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://takeonme.org/cves/CVE-2023-0668.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19087"
},
{
"tags": [
"release-notes"
],
"url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2023-19.html"
},
{
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"url": "https://security.gentoo.org/glsa/202309-02"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Wireshark IEEE-C37.118 parsing buffer overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43",
"assignerShortName": "AHA",
"cveId": "CVE-2023-0668",
"datePublished": "2023-06-07T02:32:45.095Z",
"dateReserved": "2023-02-03T22:08:47.155Z",
"dateUpdated": "2025-11-03T21:47:03.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2855 (GCVE-0-2023-2855)
Vulnerability from cvelistv5 – Published: 2023-05-26 00:00 – Updated: 2025-11-03 21:47
VLAI
EPSS
Summary
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Severity
5.3 (Medium)
CWE
- Buffer over-read in Wireshark
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark |
Affected:
>=4.0.0, <4.0.6
Affected: >=3.6.0, <3.6.14 |
Credits
Huascar Tejeda
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:47:39.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2023-12.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19062"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json"
},
{
"name": "DSA-5429",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"name": "GLSA-202309-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-02"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2855",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:43:12.364309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:43:18.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"status": "affected",
"version": "\u003e=4.0.0, \u003c4.0.6"
},
{
"status": "affected",
"version": "\u003e=3.6.0, \u003c3.6.14"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Huascar Tejeda"
}
],
"descriptions": [
{
"lang": "en",
"value": "Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer over-read in Wireshark",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T06:06:34.910Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://www.wireshark.org/security/wnpa-sec-2023-12.html"
},
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19062"
},
{
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json"
},
{
"name": "DSA-5429",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"name": "GLSA-202309-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-2855",
"datePublished": "2023-05-26T00:00:00.000Z",
"dateReserved": "2023-05-24T00:00:00.000Z",
"dateUpdated": "2025-11-03T21:47:39.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2856 (GCVE-0-2023-2856)
Vulnerability from cvelistv5 – Published: 2023-05-26 00:00 – Updated: 2025-11-03 21:47
VLAI
EPSS
Summary
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Severity
5.3 (Medium)
CWE
- Buffer over-read in Wireshark
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.wireshark.org/security/wnpa-sec-2023-… | |
| https://gitlab.com/wireshark/wireshark/-/issues/19083 | |
| https://gitlab.com/gitlab-org/cves/-/blob/master/… | |
| https://lists.debian.org/debian-lts-announce/2023… | mailing-list |
| https://www.debian.org/security/2023/dsa-5429 | vendor-advisory |
| https://security.gentoo.org/glsa/202309-02 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark |
Affected:
>=4.0.0, <4.0.6
Affected: >=3.6.0, <3.6.14 |
Credits
Huascar Tejeda
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:47:40.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2023-16.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19083"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2856.json"
},
{
"name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html"
},
{
"name": "DSA-5429",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"name": "GLSA-202309-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-02"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2856",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:42:30.539581Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:42:36.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"status": "affected",
"version": "\u003e=4.0.0, \u003c4.0.6"
},
{
"status": "affected",
"version": "\u003e=3.6.0, \u003c3.6.14"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Huascar Tejeda"
}
],
"descriptions": [
{
"lang": "en",
"value": "VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer over-read in Wireshark",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T06:06:23.392Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://www.wireshark.org/security/wnpa-sec-2023-16.html"
},
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19083"
},
{
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2856.json"
},
{
"name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html"
},
{
"name": "DSA-5429",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"name": "GLSA-202309-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-2856",
"datePublished": "2023-05-26T00:00:00.000Z",
"dateReserved": "2023-05-24T00:00:00.000Z",
"dateUpdated": "2025-11-03T21:47:40.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2858 (GCVE-0-2023-2858)
Vulnerability from cvelistv5 – Published: 2023-05-26 00:00 – Updated: 2025-11-03 21:47
VLAI
EPSS
Summary
NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Severity
5.3 (Medium)
CWE
- Buffer over-read in Wireshark
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.wireshark.org/security/wnpa-sec-2023-… | |
| https://gitlab.com/wireshark/wireshark/-/issues/19081 | |
| https://gitlab.com/gitlab-org/cves/-/blob/master/… | |
| https://lists.debian.org/debian-lts-announce/2023… | mailing-list |
| https://www.debian.org/security/2023/dsa-5429 | vendor-advisory |
| https://security.gentoo.org/glsa/202309-02 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark |
Affected:
>=4.0.0, <4.0.6
Affected: >=3.6.0, <3.6.14 |
Credits
Huascar Tejeda
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:47:41.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2023-15.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19081"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2858.json"
},
{
"name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html"
},
{
"name": "DSA-5429",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"name": "GLSA-202309-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-02"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2858",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:39:31.657577Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:39:36.275Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"status": "affected",
"version": "\u003e=4.0.0, \u003c4.0.6"
},
{
"status": "affected",
"version": "\u003e=3.6.0, \u003c3.6.14"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Huascar Tejeda"
}
],
"descriptions": [
{
"lang": "en",
"value": "NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer over-read in Wireshark",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T06:06:18.422Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://www.wireshark.org/security/wnpa-sec-2023-15.html"
},
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19081"
},
{
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2858.json"
},
{
"name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html"
},
{
"name": "DSA-5429",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"name": "GLSA-202309-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-2858",
"datePublished": "2023-05-26T00:00:00.000Z",
"dateReserved": "2023-05-24T00:00:00.000Z",
"dateUpdated": "2025-11-03T21:47:41.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2952 (GCVE-0-2023-2952)
Vulnerability from cvelistv5 – Published: 2023-05-30 00:00 – Updated: 2025-11-03 21:47
VLAI
EPSS
Summary
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
Severity
5.3 (Medium)
CWE
- Loop with unreachable exit condition ('infinite loop') in Wireshark
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.wireshark.org/security/wnpa-sec-2023-… | |
| https://gitlab.com/wireshark/wireshark/-/issues/19100 | |
| https://gitlab.com/gitlab-org/cves/-/blob/master/… | |
| https://lists.debian.org/debian-lts-announce/2023… | mailing-list |
| https://www.debian.org/security/2023/dsa-5429 | vendor-advisory |
| https://security.gentoo.org/glsa/202309-02 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Wireshark Foundation | Wireshark |
Affected:
>=4.0.0, <4.0.6
Affected: >=3.6.0, <3.6.14 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:47:56.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2023-20.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19100"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2952.json"
},
{
"name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html"
},
{
"name": "DSA-5429",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"name": "GLSA-202309-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-02"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2952",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:59:47.786061Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:00:08.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Wireshark",
"vendor": "Wireshark Foundation",
"versions": [
{
"status": "affected",
"version": "\u003e=4.0.0, \u003c4.0.6"
},
{
"status": "affected",
"version": "\u003e=3.6.0, \u003c3.6.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Loop with unreachable exit condition (\u0027infinite loop\u0027) in Wireshark",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T06:06:16.682Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://www.wireshark.org/security/wnpa-sec-2023-20.html"
},
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19100"
},
{
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2952.json"
},
{
"name": "[debian-lts-announce] 20230603 [SECURITY] [DLA 3443-1] wireshark security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html"
},
{
"name": "DSA-5429",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5429"
},
{
"name": "GLSA-202309-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2023-2952",
"datePublished": "2023-05-30T00:00:00.000Z",
"dateReserved": "2023-05-29T00:00:00.000Z",
"dateUpdated": "2025-11-03T21:47:56.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…