CVE-2024-4854
Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
Produtos afetados
Wireshark Foundation · WiresharkQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://gitlab.com/wireshark/wireshark/-/issues/19726https://gitlab.com/wireshark/wireshark/-/merge_requests/15047https://gitlab.com/wireshark/wireshark/-/merge_requests/15499https://lists.debian.org/debian-lts-announce/2024/09/msg00049.htmlhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ/https://www.wireshark.org/security/wnpa-sec-2024-07.html