CVE-2021-4190

Опубликовано: 29 дек. 2021

Источник: redhat

CVSS3: 7.5

Описание

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file

An infinite-loop flaw was found in Wireshark. This flaw allows an attacker with local network access to pass specially crafted capture files, causing an application to halt, crash, or go into an infinite loop.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	wireshark	Not affected
Red Hat Enterprise Linux 7	wireshark	Not affected
Red Hat Enterprise Linux 8	wireshark	Not affected
Red Hat Enterprise Linux 9	wireshark	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=2039029wireshark: Kafka dissector infinite loop

7.5 High

CVSS3

Связанные уязвимости

CVE-2021-4190

CVSS3: 7.5

ubuntu

около 4 лет назад

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file

CVE-2021-4190

CVSS3: 7.5

nvd

около 4 лет назад

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file

CVE-2021-4190

CVSS3: 7.5

msrc

почти 4 года назад

Описание отсутствует

CVE-2021-4190

CVSS3: 7.5

debian

около 4 лет назад

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of ...

GHSA-pmc4-9968-jrp7

CVSS3: 7.5

github

около 4 лет назад

Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file

7.5 High

CVSS3