CVE-2021-22207

Опубликовано: 23 апр. 2021

Источник: debian

Описание

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	3.4.6-1~exp1	experimental	package
wireshark	fixed	3.4.7-1		package
wireshark	fixed	2.6.20-0+deb10u3	buster	package

Примечания

https://gitlab.com/wireshark/wireshark/-/issues/17331
https://gitlab.com/wireshark/wireshark/-/commit/b7a0650e061b5418ab4a8f72c6e4b00317aff623
https://www.wireshark.org/security/wnpa-sec-2021-04.html

Связанные уязвимости

CVE-2021-22207

CVSS3: 5.5

ubuntu

почти 5 лет назад

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

CVE-2021-22207

CVSS3: 7.5

redhat

почти 5 лет назад

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

CVE-2021-22207

CVSS3: 5.5

nvd

почти 5 лет назад

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

CVE-2021-22207

CVSS3: 6.5

msrc

около 4 лет назад

Описание отсутствует

GHSA-r33p-r743-5j75

CVSS3: 6.5

github

больше 3 лет назад

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file