Home

CVE-2021-39922

Description

Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
4.625

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities fixed in Wireshark (3.4.10)Windows
Multiple vulnerabilities fixed in Wireshark (X64) (3.4.10)Windows
Multiple vulnerabilities fixed in Wireshark x64 3.2.18Windows
Multiple vulnerabilities fixed in Wireshark 3.2.18Windows
Multiple vulnerabilities fixed in Wireshark x64 3.4.10Windows
Multiple Vulnerabilities are affected in WireShark For Mac 3.4.9Mac
Multiple Vulnerabilities are affected in WireShark For Mac 3.2.17Mac
wireshark security update(DSA-5019-1) wireshark_2.6.20-0+deb10u2_i386.debLinux
wireshark security update(DSA-5019-1) wireshark_2.6.20-0+deb10u2_amd64.debLinux
wireshark security update(DSA-5019-1) wireshark_3.4.10-0+deb11u1_amd64.debLinux
wireshark security update(DSA-5019-1) wireshark_3.4.10-0+deb11u1_i386.debLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-322478Wireshark (3.4.10)
PATCH-322479Wireshark (X64) (3.4.10)
PATCH-322479Wireshark (X64) (3.4.10)
PATCH-323050Wireshark (3.6.1)
PATCH-322479Wireshark (X64) (3.4.10)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234