CVE-2023-0411

Details

Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Affected Packages

Windows:10240Wireshark

Fixed in:

3.6.114.0.3

Windows:14393Wireshark

Fixed in:

3.6.114.0.3

Windows:17763Wireshark

Fixed in:

3.6.114.0.3

Windows:18362Wireshark

Fixed in:

3.6.114.0.3

Windows:18363Wireshark

Fixed in:

3.6.114.0.3

Windows:19041Wireshark

Fixed in:

3.6.114.0.3

Windows:19042Wireshark

Fixed in:

3.6.114.0.3

Windows:19043Wireshark

Fixed in:

3.6.114.0.3

Windows:19044Wireshark

Fixed in:

3.6.114.0.3

Windows:19045Wireshark

Fixed in:

3.6.114.0.3

Windows:20348Wireshark

Fixed in:

3.6.114.0.3

Windows:22000Wireshark

Fixed in:

3.6.114.0.3

Windows:22621Wireshark

Fixed in:

3.6.114.0.3

Windows:22631Wireshark

Fixed in:

3.6.114.0.3

Windows:25398Wireshark

Fixed in:

3.6.114.0.3

Windows:26100Wireshark

Fixed in:

3.6.114.0.3

Windows:26200Wireshark

Fixed in:

3.6.114.0.3

References

WEBhttps://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0411.json WEBhttps://gitlab.com/wireshark/wireshark/-/issues/18711 WEBhttps://gitlab.com/wireshark/wireshark/-/issues/18720 WEBhttps://gitlab.com/wireshark/wireshark/-/issues/18737 WEBhttps://lists.debian.org/debian-lts-announce/2023/02/msg00007.html WEBhttps://lists.debian.org/debian-lts-announce/2024/09/msg00049.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2023-0411 WEBhttps://www.wireshark.org/security/wnpa-sec-2023-06.html

CVE-2023-0411

Details

Affected Packages

References

CVSS Analysis

Ecosystems

Timeline