Описание
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file
A flaw was found in Wireshark. Bundle Protocol and CBOR dissector crashes in Wireshark allow denial of service via packet injection or crafted capture file.
Отчет
No any Red Hat offerings are impacted by this vulnerability.
Меры по смягчению последствий
No mitigation is available for this issue other than updating the affected package to the version containing the fix. However, by disabling BP and avoiding opening capture files from non trusted sources reduces the risk of triggering this vulnerability and crashing Wireshark.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | wireshark | Not affected | ||
| Red Hat Enterprise Linux 7 | wireshark | Not affected | ||
| Red Hat Enterprise Linux 8 | wireshark | Not affected | ||
| Red Hat Enterprise Linux 9 | wireshark | Not affected | ||
| Red Hat Enterprise Linux 10 | wireshark | Fixed | RHSA-2025:9121 | 16.06.2025 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 ...
EPSS
7.5 High
CVSS3