Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0581.json | Third Party Advisory |
https://gitlab.com/wireshark/wireshark/-/issues/17935 | Exploit Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/ | |
https://security.gentoo.org/glsa/202210-04 | Third Party Advisory |
https://www.wireshark.org/security/wnpa-sec-2022-05.html | Issue Tracking Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-416 |
Information
Published : 2022-02-14 22:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-0581
Mitre link : CVE-2022-0581
CVE.ORG link : CVE-2022-0581
JSON object : View
Products Affected
fedoraproject
- fedora
wireshark
- wireshark
debian
- debian_linux
CWE
CWE-416
Use After Free