Vulnerability CVE-2023-2855: Information
Description
Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
wireshark | sisyphus | 4.0.6-alt1 | 4.2.5-alt2 | ALT-PU-2023-1938-1 | 322448 | Fixed |
wireshark | sisyphus_e2k | 4.0.6-alt1 | 4.2.5-alt2 | ALT-PU-2023-3826-1 | - | Fixed |
wireshark | sisyphus_riscv64 | 4.0.6-alt1 | 4.2.5-alt2 | ALT-PU-2023-3778-1 | - | Fixed |
wireshark | p10 | 4.0.6-alt1 | 4.0.11-alt1 | ALT-PU-2023-1971-1 | 322451 | Fixed |
wireshark | p10_e2k | 4.0.6-alt1 | 4.0.11-alt1 | ALT-PU-2023-3843-1 | - | Fixed |
wireshark | p9 | 4.0.8-alt1 | 4.0.8-alt1 | ALT-PU-2023-5823-2 | 329608 | Fixed |
wireshark | p9_e2k | 4.0.8-alt1 | 4.0.8-alt1 | ALT-PU-2023-5961-1 | - | Fixed |
wireshark | c10f1 | 4.0.6-alt1 | 4.0.11-alt1 | ALT-PU-2023-1976-1 | 322463 | Fixed |
wireshark | c9f2 | 4.0.8-alt1 | 4.0.11-alt1 | ALT-PU-2023-6556-3 | 332487 | Fixed |
wireshark | p11 | 4.0.6-alt1 | 4.2.5-alt2 | ALT-PU-2023-1938-1 | 322448 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2855.json |
|
https://gitlab.com/wireshark/wireshark/-/issues/19062 |
|
https://www.wireshark.org/security/wnpa-sec-2023-12.html |
|
DSA-5429 |
|
GLSA-202309-02 |
|