Buffer Overflow Vulnerability in Wireshark Software
CVE-2024-24476
Currently unrated
Summary
A buffer overflow vulnerability in Wireshark could allow a remote attacker to cause a denial of service. The issue is attributed to improper handling of certain components in the source code prior to version 4.2.0, specifically in pan/addr_resolv.c and the function ws_manuf_lookup_str(). The vendor disputes the impact of this vulnerability on any released version, emphasizing that neither version 4.2.0 nor any previous version has been confirmed as affected. Users are advised to remain vigilant and to run the latest stable release.
Timeline
Vulnerability published
Vulnerability Reserved