CVE-2023-5371

Опубликовано: 04 окт. 2023

Источник: redhat

CVSS3: 6.5

EPSS Низкий

Описание

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

A memory leak flaw was found in Wireshark's RTPS dissector. This issue may cause an application crash via packet injection or crafted capture file.

Отчет

Default memory protections in Red Hat Enterprise Linux should prevent this issue from causing a higher impact than an application crash in the user context. Therefore, the severity of this flaw is low.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	wireshark	Out of support scope
Red Hat Enterprise Linux 7	wireshark	Out of support scope
Red Hat Enterprise Linux 8	wireshark	Fix deferred
Red Hat Enterprise Linux 9	wireshark	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-401

https://bugzilla.redhat.com/show_bug.cgi?id=2250146wireshark: RTPS dissector memory leak

EPSS

Процентиль: 10%

0.00039

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2023-5371

CVSS3: 5.3

ubuntu

почти 2 года назад

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

CVE-2023-5371

CVSS3: 5.3

nvd

почти 2 года назад

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file

CVE-2023-5371

CVSS3: 6.5

msrc

около 2 месяцев назад

Описание отсутствует

CVE-2023-5371

CVSS3: 5.3

debian

почти 2 года назад

RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3. ...

SUSE-SU-2023:4083-1

suse-cvrf

почти 2 года назад

Security update for wireshark

EPSS

Процентиль: 10%

0.00039

Низкий

6.5 Medium

CVSS3