Published: 26/05/2023 Updated: 20/10/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark
debian debian linux 10.0
debian debian linux 12.0

Multiple vulnerabilities have been discocvered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code For the stable distribution (bookworm), these problems have been fixed in version 406-1~deb12u1 We recommend that you upgrade your wireshark packages For the detailed security statu ...

DescriptionA vulnerability was found in wireshark This issue occurs in the GDSDB dissector, and could go into an infinite loop It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace fileA vulnerability was found in wiresha ...

CWE-835 https://gitlab.com/wireshark/wireshark/-/issues/19068 https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2879.json https://www.wireshark.org/security/wnpa-sec-2023-14.html https://lists.debian.org/debian-lts-announce/2023/06/msg00004.html https://www.debian.org/security/2023/dsa-5429 https://security.gentoo.org/glsa/202309-02 https://www.debian.org/security/2023/dsa-5429 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-2879

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect