PT-2024-15386 · Wireshark+2 · Wireshark+2

Dexter Gerig

·

Published

2024-01-03

·

Updated

2024-09-09

·

CVE-2024-0207

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Wireshark version 4.2.0
Description The issue allows for denial of service via packet injection or crafted capture file, specifically affecting the HTTP3 dissector.
Recommendations For Wireshark version 4.2.0, consider disabling the HTTP3 dissector as a temporary workaround until a patch is available.

Exploit

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2024-1387
CVE-2024-0207
OPENSUSE-SU-2024:13556-1
OPENSUSE-SU-2024_3165-1
SUSE-SU-2024:3165-1

Affected Products

Alt Linux
Suse
Wireshark