PT-2023-5120 · Wireshark+4 · Wireshark+4

Chenyuan Mi

Publicado

2023-08-24

Atualizado

2024-09-30

CVE-2023-4511

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Wireshark versions 3.6.0 through 3.6.15 Wireshark versions 4.0.0 through 4.0.7

Description The issue is related to the BT SDP dissector in Wireshark, which can enter an infinite loop. This can be exploited to cause a denial of service via packet injection or a crafted capture file. The exploitation of this issue may allow a remote attacker to cause a service disruption.

Recommendations For Wireshark versions 3.6.0 through 3.6.15, update to a version outside of this range to resolve the issue. For Wireshark versions 4.0.0 through 4.0.7, update to a version outside of this range to resolve the issue. As a temporary workaround, consider disabling the BT SDP dissector until a patch is available.

Exploit

Correção

DoS

Infinite Loop

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-835

Identificadores relacionados

ALT-PU-2023-5646

ALT-PU-2023-5647

ALT-PU-2023-5648

ALT-PU-2023-5823

ALT-PU-2023-6556

BDU:2023-05711

CVE-2023-4511

DLA-3746-1

DLA-3906-1

DSA-5559-1

MGASA-2023-0275

OESA-2023-1652

OPENSUSE-SU-2024:13184-1

ROSA-SA-2024-2390

SUSE-SU-2023:3778-1

Produtos afetados

Alt Linux

Astra Linux

Red Os

Suse

Wireshark

PT-2023-5120 · Wireshark+4 · Wireshark+4

CVE-2023-4511

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 51