Denial of Service Vulnerability in Wireshark by The Wireshark Foundation
CVE-2021-4182

7.5HIGH

Key Information:

Vendor: Wireshark
Status: Wireshark
Vendor: CVE Published:; 30 December 2021

Summary

A vulnerability in Wireshark allows a denial of service due to a crash in the RFC 7468 dissector. This can be triggered by packet injection or by using a crafted capture file, potentially disrupting network analysis operations for users on affected versions.

Affected Version(s)

Wireshark =3.6.0 = 3.6.0

Wireshark >=3.4.0, <3.4.10 < 3.4.0, 3.4.10

References

https://www.wireshark.org/security/wnpa-sec-2021-20.html

https://gitlab.com/wireshark/wireshark/-/issues/17801

https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 30, 2021
Vulnerability Reserved
Dec 27, 2021

Credit

????? ????????