PT-2020-16425 · Wireshark+1 · Wireshark+1

Published

2020-12-21

Updated

2024-06-15

CVE-2020-26422

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Wireshark versions 3.4.0 through 3.4.1

Description The issue is a buffer overflow in the QUIC dissector, allowing for denial of service via packet injection or crafted capture file.

Recommendations For Wireshark versions 3.4.0 through 3.4.1, consider disabling the QUIC dissector as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2020-26422

OPENSUSE-SU-2021:0909-1

OPENSUSE-SU-2021:2125-1

OPENSUSE-SU-2021_0909-1

OPENSUSE-SU-2021_2125-1

OPENSUSE-SU-2024:11513-1

SUSE-SU-2021:2125-1

Affected Products

Suse

Wireshark

PT-2020-16425 · Wireshark+1 · Wireshark+1

CVE-2020-26422

Weakness Enumeration

Related Identifiers

Affected Products

References · 192