CVE-2022-4344

Опубликовано: 12 янв. 2023

Источник: debian

Описание

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	4.0.2-1		package
wireshark	not-affected		buster	package

Примечания

https://www.wireshark.org/security/wnpa-sec-2022-10.html
likely https://gitlab.com/wireshark/wireshark/-/commit/e0bd9d312c362318fd19e41c6c0e23fc81d42253

Связанные уязвимости

CVE-2022-4344

CVSS3: 6.3

ubuntu

около 3 лет назад

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

CVE-2022-4344

CVSS3: 6.3

redhat

около 3 лет назад

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

CVE-2022-4344

CVSS3: 6.3

nvd

около 3 лет назад

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

CVE-2022-4344

CVSS3: 4.3

msrc

около 3 лет назад

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

GHSA-6q39-qvw3-75jq

CVSS3: 4.3

github

около 3 лет назад

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file