PT-2023-14203 · Wireshark+2 · Wireshark+2

Sharon Brizinov

Published

2023-01-05

Updated

2025-09-29

CVE-2022-4344

CVSS v3.1

6.3

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Wireshark versions 3.6.0 through 3.6.9 Wireshark versions 4.0.0 through 4.0.1

Description Memory exhaustion in the Kafka protocol dissector allows denial of service via packet injection or crafted capture file.

Recommendations For Wireshark versions 3.6.0 through 3.6.9, update to a version that fixes the memory exhaustion issue in the Kafka protocol dissector. For Wireshark versions 4.0.0 through 4.0.1, update to a version that fixes the memory exhaustion issue in the Kafka protocol dissector. As a temporary workaround, consider disabling the Kafka protocol dissector until a patch is available.

Exploit

Fix

DoS

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2025_16880

ALT-PU-2023-1009

ALT-PU-2023-1036

ALT-PU-2023-1062

ALT-PU-2023-5823

AZL-12994

CVE-2022-4344

DLA-3906-1

OESA-2023-1094

OESA-2023-1115

ROSA-SA-2023-2257

ROSA-SA-2023-2258

Affected Products

Alt Linux

Astra Linux

Wireshark

PT-2023-14203 · Wireshark+2 · Wireshark+2

CVE-2022-4344

Weakness Enumeration

Related Identifiers

Affected Products

References · 31