Описание
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
An invalid memory block read was found in Wireshark's SSH dissector. This issue may lead to an application crash and denial of service via packet injection or crafted capture file.
Отчет
Default memory protections in Red Hat Enterprise Linux should prevent this issue from causing a higher impact than an application crash in the user context. Therefore, the severity of this flaw is low.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | wireshark | Out of support scope | ||
| Red Hat Enterprise Linux 7 | wireshark | Out of support scope | ||
| Red Hat Enterprise Linux 8 | wireshark | Fix deferred | ||
| Red Hat Enterprise Linux 9 | wireshark | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of serv ...
SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file
Уязвимость SSH-диссектора анализатора трафика компьютерных сетей Wireshark, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS3