CVE-2023-5371

Опубликовано: 04 окт. 2023

Источник: debian

EPSS Низкий

Описание

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

Пакет	Статус	Версия исправления	Релиз	Тип
wireshark	fixed	4.0.10-1		package
wireshark	not-affected		bullseye	package
wireshark	not-affected		buster	package

https://gitlab.com/wireshark/wireshark/-/issues/19322
https://www.wireshark.org/security/wnpa-sec-2023-27.html
Introduced by: https://gitlab.com/wireshark/wireshark/-/commit/b46d244a9ba55daaed1ebbb15f5ea56231658d3d (v3.5.0)

EPSS

Процентиль: 15%

0.0005

Низкий

CVE-2023-5371

CVSS3: 5.3

ubuntu

около 2 лет назад

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

CVE-2023-5371

CVSS3: 6.5

redhat

около 2 лет назад

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

CVE-2023-5371

CVSS3: 5.3

nvd

около 2 лет назад

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

CVE-2023-5371

CVSS3: 6.5

msrc

5 месяцев назад

Memory Allocation with Excessive Size Value in Wireshark

SUSE-SU-2023:4083-1

suse-cvrf

около 2 лет назад

Security update for wireshark

EPSS

Процентиль: 15%

0.0005

Низкий