PT-2023-16440 · Wireshark+4 · Wireshark+4

Wanderingglitch

Published

2023-05-30

Updated

2025-01-07

CVE-2023-0668

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.0.5 and prior

Description The issue arises from a failure to validate the length provided by an attacker-crafted IEEE-C37.118 packet, making Wireshark susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

Recommendations For Wireshark versions 4.0.5 and prior, consider disabling the processing of IEEE-C37.118 packets until a patch is available. As a temporary workaround, restrict access to the vulnerable function that handles IEEE-C37.118 packets to minimize the risk of exploitation. Avoid using Wireshark to analyze potentially malicious packets until the issue is resolved.

Exploit

Fix

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

ALSA-2023:6469

ALT-PU-2023-1938

ALT-PU-2023-1971

ALT-PU-2023-1976

ALT-PU-2023-5823

ALT-PU-2023-6556

CVE-2023-0668

DLA-3906-1

DSA-5429-1

ELSA-2023-6469

OESA-2023-1321

OESA-2023-1322

OPENSUSE-SU-2023_3252-1

OPENSUSE-SU-2024:12958-1

RHSA-2023:6469

RHSA-2023_6469

ROSA-SA-2024-2388

SUSE-SU-2023:2320-1

SUSE-SU-2023:3252-1

SUSE-SU-2023_2320-1

Affected Products

Alt Linux

Almalinux

Red Hat

Suse

Wireshark

PT-2023-16440 · Wireshark+4 · Wireshark+4

CVE-2023-0668

Weakness Enumeration

Related Identifiers

Affected Products

References · 219