Wireshark Wireshark

Do you want an email whenever new security vulnerabilities are reported in Wireshark?

By the Year

In 2024 there have been 5 vulnerabilities in Wireshark with an average score of 7.5 out of ten. Last year Wireshark had 31 security vulnerabilities published. Right now, Wireshark is on track to have less security vulnerabilities in 2024 than it did last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.94.

Year Vulnerabilities Average Score
2024 5 7.50
2023 31 6.56
2022 7 7.40
2021 22 7.42
2020 20 6.85
2019 22 6.95
2018 79 7.43

It may take a day or so for new Wireshark vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Wireshark Security Vulnerabilities

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19

CVE-2024-0209 7.5 - High - January 03, 2024

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file

NULL Pointer Dereference

Zigbee TLV dissector crash in Wireshark 4.2.0

CVE-2024-0210 7.5 - High - January 03, 2024

Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

Stack Exhaustion

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19

CVE-2024-0208 7.5 - High - January 03, 2024

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file

Stack Exhaustion

HTTP3 dissector crash in Wireshark 4.2.0

CVE-2024-0207 7.5 - High - January 03, 2024

HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

Out-of-bounds Read

DOCSIS dissector crash in Wireshark 4.2.0

CVE-2024-0211 7.5 - High - January 03, 2024

DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file

Stack Exhaustion

SSH dissector crash in Wireshark 4.0.0 to 4.0.10

CVE-2023-6174 6.5 - Medium - November 16, 2023

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file

Injection

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16

CVE-2023-5371 6.5 - Medium - October 04, 2023

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

Allocation of Resources Without Limits or Throttling

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero

CVE-2023-2906 6.5 - Medium - August 25, 2023

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.

Divide By Zero

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15

CVE-2023-4513 7.5 - High - August 24, 2023

BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

Memory Leak

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6

CVE-2023-4512 7.5 - High - August 24, 2023

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

Stack Exhaustion

BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15

CVE-2023-4511 7.5 - High - August 24, 2023

BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file

Infinite Loop

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6

CVE-2023-3649 5.5 - Medium - July 14, 2023

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

Out-of-bounds Read

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14

CVE-2023-3648 5.5 - Medium - July 14, 2023

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet

CVE-2023-0668 6.5 - Medium - June 07, 2023

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

Memory Corruption

Due to failure in validating the length provided by an attacker-crafted MSMMS packet

CVE-2023-0667 6.5 - Medium - June 07, 2023

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark

Memory Corruption

Due to failure in validating the length provided by an attacker-crafted RTPS packet

CVE-2023-0666 6.5 - Medium - June 07, 2023

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

Memory Corruption

XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13

CVE-2023-2952 6.5 - Medium - May 30, 2023

XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

Infinite Loop

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13

CVE-2023-2856 6.5 - Medium - May 26, 2023

VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Memory Corruption

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13

CVE-2023-2854 6.5 - Medium - May 26, 2023

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Memory Corruption

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13

CVE-2023-2855 6.5 - Medium - May 26, 2023

Candump log parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Memory Corruption

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13

CVE-2023-2857 6.5 - Medium - May 26, 2023

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Memory Corruption

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13

CVE-2023-2858 6.5 - Medium - May 26, 2023

NetScaler file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Memory Corruption

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13

CVE-2023-2879 7.5 - High - May 26, 2023

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

Infinite Loop

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12

CVE-2023-1994 6.5 - Medium - April 12, 2023

GQUIC dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Resource Exhaustion

RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12

CVE-2023-1992 7.5 - High - April 12, 2023

RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Resource Exhaustion

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12

CVE-2023-1993 6.5 - Medium - April 12, 2023

LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file

Excessive Iteration

ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11

CVE-2023-1161 7.1 - High - March 06, 2023

ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file

Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and

CVE-2023-0411 6.5 - Medium - January 26, 2023

Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Excessive Iteration

TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and

CVE-2023-0412 7.1 - High - January 26, 2023

TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Improper Resource Shutdown or Release

Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and

CVE-2023-0413 6.5 - Medium - January 26, 2023

Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Improper Resource Shutdown or Release

Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2

CVE-2023-0414 6.5 - Medium - January 26, 2023

Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial of service via packet injection or crafted capture file

Improper Resource Shutdown or Release

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and

CVE-2023-0415 6.5 - Medium - January 26, 2023

iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Improper Resource Shutdown or Release

GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and

CVE-2023-0416 6.5 - Medium - January 26, 2023

GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Improper Resource Shutdown or Release

Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and

CVE-2023-0417 6.5 - Medium - January 26, 2023

Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Improper Resource Shutdown or Release

Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9

CVE-2022-4345 6.5 - Medium - January 12, 2023

Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

Infinite Loop

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9

CVE-2022-4344 4.3 - Medium - January 12, 2023

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

Resource Exhaustion

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8

CVE-2022-3725 7.5 - High - October 27, 2022

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file

Memory Corruption

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15

CVE-2022-3190 5.5 - Medium - September 13, 2022

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file

Infinite Loop

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11

CVE-2022-0585 6.5 - Medium - February 18, 2022

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file

Excessive Iteration

Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11

CVE-2022-0583 7.5 - High - February 14, 2022

Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

Memory Corruption

Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11

CVE-2022-0586 7.5 - High - February 14, 2022

Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

Infinite Loop

Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11

CVE-2022-0581 7.5 - High - February 14, 2022

Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

Dangling pointer

Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11

CVE-2022-0582 9.8 - Critical - February 14, 2022

Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file

NULL Pointer Dereference

Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10

CVE-2021-4184 7.5 - High - December 30, 2021

Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Infinite Loop

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10

CVE-2021-4182 7.5 - High - December 30, 2021

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Infinite Loop

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10

CVE-2021-4181 7.5 - High - December 30, 2021

Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Out-of-bounds Read

Crash in the pcapng file parser in Wireshark 3.6.0

CVE-2021-4183 5.5 - Medium - December 30, 2021

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file

Out-of-bounds Read

Large loop in the Kafka dissector in Wireshark 3.6.0

CVE-2021-4190 7.5 - High - December 30, 2021

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file

Excessive Iteration

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10

CVE-2021-4186 7.5 - High - December 30, 2021

Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

NULL Pointer Dereference

Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10

CVE-2021-4185 7.5 - High - December 30, 2021

Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Infinite Loop

NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17

CVE-2021-39921 7.5 - High - November 19, 2021

NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

NULL Pointer Dereference

Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17

CVE-2021-39922 7.5 - High - November 19, 2021

Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Classic Buffer Overflow

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17

CVE-2021-39923 7.5 - High - November 19, 2021

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Excessive Iteration

Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17

CVE-2021-39924 7.5 - High - November 19, 2021

Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Excessive Iteration

Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17

CVE-2021-39925 7.5 - High - November 19, 2021

Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Classic Buffer Overflow

Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9

CVE-2021-39926 7.5 - High - November 19, 2021

Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

Classic Buffer Overflow

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17

CVE-2021-39929 7.5 - High - November 19, 2021

Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

Stack Exhaustion

NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9

CVE-2021-39920 7.5 - High - November 18, 2021

NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

NULL Pointer Dereference

NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17

CVE-2021-39928 7.5 - High - November 18, 2021

NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

NULL Pointer Dereference

Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14

CVE-2021-22235 7.5 - High - July 20, 2021

Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file

Infinite Loop

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5

CVE-2021-22222 7.5 - High - June 07, 2021

Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file

Infinite Loop

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12

CVE-2021-22207 6.5 - Medium - April 23, 2021

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

Allocation of Resources Without Limits or Throttling

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could

CVE-2021-22191 8.8 - High - March 15, 2021

Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.

Injection

Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2

CVE-2021-22173 7.5 - High - February 17, 2021

Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

Memory Leak

Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2

CVE-2021-22174 7.5 - High - February 17, 2021

Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

Resource Exhaustion

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1

CVE-2020-26422 5.3 - Medium - December 21, 2020

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file

Classic Buffer Overflow

Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8

CVE-2020-26418 5.3 - Medium - December 11, 2020

Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

Memory Leak

Memory leak in the dissection engine in Wireshark 3.4.0

CVE-2020-26419 5.3 - Medium - December 11, 2020

Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.

Memory Leak

Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8

CVE-2020-26420 5.3 - Medium - December 11, 2020

Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

Memory Leak

Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8

CVE-2020-26421 5.3 - Medium - December 11, 2020

Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

Out-of-bounds Read

In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash

CVE-2020-28030 7.5 - High - November 02, 2020

In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.

Resource Exhaustion

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash

CVE-2020-25862 7.5 - High - October 06, 2020

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.

Improper Validation of Integrity Check Value

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash

CVE-2020-25863 7.5 - High - October 06, 2020

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.

In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference

CVE-2020-25866 7.5 - High - October 06, 2020

In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.

NULL Pointer Dereference

In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop

CVE-2020-26575 7.5 - High - October 06, 2020

In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.

Infinite Loop

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash

CVE-2020-17498 6.5 - Medium - August 13, 2020

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.

Double-free

In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop

CVE-2020-15466 7.5 - High - July 05, 2020

In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations.

Infinite Loop

In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash

CVE-2020-13164 7.5 - High - May 19, 2020

In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.

Resource Exhaustion

In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash

CVE-2020-11647 7.5 - High - April 10, 2020

In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.

Injection

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory

CVE-2020-9431 7.5 - High - February 27, 2020

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

Resource Exhaustion

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash

CVE-2020-9430 7.5 - High - February 27, 2020

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.

Improper Input Validation

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash

CVE-2020-9429 7.5 - High - February 27, 2020

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.

NULL Pointer Dereference

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash

CVE-2020-9428 7.5 - High - February 27, 2020

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.

Injection

In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash

CVE-2020-7045 6.5 - Medium - January 16, 2020

In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes.

Injection

In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash

CVE-2020-7044 7.5 - High - January 16, 2020

In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.

Out-of-bounds Read

In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash

CVE-2019-19553 7.5 - High - December 05, 2019

In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector could crash. This was addressed in epan/dissectors/asn1/cms/packet-cms-template.c by ensuring that an object identifier is set to NULL after a ContentInfo dissection.

Missing Initialization of Resource

In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop

CVE-2019-16319 7.5 - High - September 15, 2019

In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.

Infinite Loop

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash

CVE-2019-13619 7.5 - High - July 17, 2019

In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.

Buffer Overflow

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash

CVE-2019-12295 7.5 - High - May 23, 2019

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.

Stack Exhaustion

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash

CVE-2019-10896 7.5 - High - April 09, 2019

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.

Memory Corruption

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash

CVE-2019-10903 7.5 - High - April 09, 2019

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

Out-of-bounds Read

In Wireshark 3.0.0, the TSDNS dissector could crash

CVE-2019-10902 7.5 - High - April 09, 2019

In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.

Unchecked Return Value

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash

CVE-2019-10901 7.5 - High - April 09, 2019

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

NULL Pointer Dereference

In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop

CVE-2019-10900 7.5 - High - April 09, 2019

In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.

Infinite Loop

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash

CVE-2019-10899 7.5 - High - April 09, 2019

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

Out-of-bounds Read

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop

CVE-2019-10898 7.5 - High - April 09, 2019

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.

Infinite Loop

In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop

CVE-2019-10897 7.5 - High - April 09, 2019

In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.

Infinite Loop

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash

CVE-2019-10894 7.5 - High - April 09, 2019

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

assertion failure

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash

CVE-2019-10895 7.5 - High - April 09, 2019

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.

Out-of-bounds Read

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash

CVE-2019-9209 5.5 - Medium - February 28, 2019

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.

Memory Corruption

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for OpenSuse Leap or by Wireshark? Click the Watch button to subscribe.

Wireshark
Vendor

Wireshark
Product

subscribe