First published: Tue Sep 13 2022(Updated: )
Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wireshark Wireshark | >=3.4.0<3.4.16 | |
Wireshark Wireshark | >=3.6.0<3.6.8 | |
Fedoraproject Fedora | =36 | |
Fedoraproject Fedora | =37 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-3190 is a vulnerability in the F5 Ethernet Trailer protocol dissector in Wireshark, allowing denial of service via packet injection or crafted capture file.
Wireshark versions 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 are affected by CVE-2022-3190.
CVE-2022-3190 can be exploited through packet injection or by using a crafted capture file.
CVE-2022-3190 has a severity rating of medium, with a severity value of 5.5.
To fix CVE-2022-3190, it is recommended to update Wireshark to versions 3.6.8 or higher for 3.6.x releases, and versions 3.4.16 or higher for 3.4.x releases.