KLA61755
Multiple vulnerabilities in Wireshark

Updated: 11/02/2023
Detect date
04/12/2023
Severity
?
High
Description

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

  1. Denial of service vulnerability in LISP dissector can be exploited to cause denial of service.
  2. Denial of service vulnerability in RPC over RDMA dissector can be exploited to cause denial of service.
  3. Denial of service vulnerability in GQUIC dissector can be exploited to cause denial of service.
Affected products

Wireshark 3.6.x earlier than 3.6.13
Wireshark 4.0.x earlier than 4.0.5

Solution

Update to the latest version
Download Wireshark

Original advisories

Wireshark • wnpa-sec-2023-11 GQUIC dissector crash
Wireshark • wnpa-sec-2023-10 LISP dissector large loop
Wireshark • wnpa-sec-2023-09 RPCoRDMA dissector crash

Impacts
?
DoS 
[?]
Related products
Wireshark
CVE-IDS
?
CVE-2023-19935.0Warning
CVE-2023-19945.0Warning
CVE-2023-19925.0Warning
Find out the statistics of the vulnerabilities spreading in your region