First published: Thu Jan 12 2023(Updated: )
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wireshark Wireshark | >=3.6.0<3.6.10 | |
Wireshark Wireshark | >=4.0.0<4.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2022-4345.
The severity of CVE-2022-4345 is medium with a severity value of 6.5 (CVSS score).
Wireshark versions 3.6.0 to 3.6.9 and 4.0.0 to 4.0.1 are affected by CVE-2022-4345.
This vulnerability can be exploited through packet injection or a crafted capture file.
Yes, you can find references for CVE-2022-4345 in the following links: [Reference 1](https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4345.json), [Reference 2](https://lists.debian.org/debian-lts-announce/2023/02/msg00007.html), [Reference 3](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDZMWIKH3L5JQZC6GSVOJ3N5UXNQPJGQ/)