PT-2023-14203 · Wireshark+2 · Wireshark+2

Sharon Brizinov

Publicado

2023-01-05

Atualizado

2025-09-29

CVE-2022-4344

CVSS v3.1

6.3

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Wireshark versions 3.6.0 through 3.6.9 Wireshark versions 4.0.0 through 4.0.1

Description Memory exhaustion in the Kafka protocol dissector allows denial of service via packet injection or crafted capture file.

Recommendations For Wireshark versions 3.6.0 through 3.6.9, update to a version that fixes the memory exhaustion issue in the Kafka protocol dissector. For Wireshark versions 4.0.0 through 4.0.1, update to a version that fixes the memory exhaustion issue in the Kafka protocol dissector. As a temporary workaround, consider disabling the Kafka protocol dissector until a patch is available.

Exploit

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

ALSA-2025_16880

ALT-PU-2023-1009

ALT-PU-2023-1036

ALT-PU-2023-1062

ALT-PU-2023-5823

AZL-12994

CVE-2022-4344

DLA-3906-1

OESA-2023-1094

OESA-2023-1115

ROSA-SA-2023-2257

ROSA-SA-2023-2258

Produtos afetados

Alt Linux

Astra Linux

Wireshark

PT-2023-14203 · Wireshark+2 · Wireshark+2

CVE-2022-4344

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 31