CVE-2021-39923

Опубликовано: 17 нояб. 2021

Источник: redhat

CVSS3: 7.5

EPSS Низкий

Описание

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

A flaw was found in Wireshark. A process failure consumes excessive CPU resources on crafted or malformed PNRP input and can cause a denial of service.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	wireshark	Not affected
Red Hat Enterprise Linux 7	wireshark	Not affected
Red Hat Enterprise Linux 8	wireshark	Not affected
Red Hat Enterprise Linux 9	wireshark	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-400

https://bugzilla.redhat.com/show_bug.cgi?id=2025686wireshark: PNRP dissector large loop

EPSS

Процентиль: 84%

0.0225

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2021-39923

CVSS3: 7.5

ubuntu

около 4 лет назад

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

CVE-2021-39923

CVSS3: 7.5

nvd

около 4 лет назад

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file

CVE-2021-39923

CVSS3: 7.5

msrc

около 4 лет назад

Описание отсутствует

CVE-2021-39923

CVSS3: 7.5

debian

около 4 лет назад

Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 ...

GHSA-v75m-35ph-56m2

CVSS3: 7.5

github

около 4 лет назад

NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file

EPSS

Процентиль: 84%

0.0225

Низкий

7.5 High

CVSS3