KLA61756
Multiple vulnerabilities in Wireshark

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

1. Denial of service vulnerability in NetScaler file parser can be exploited to cause denial of service.
2. Denial of service vulnerability in XRA dissector can be exploited to cause denial of service.
3. Denial of service vulnerability in VMS TCPIPtrace file parser can be exploited to cause denial of service.
4. Denial of service vulnerability in Candump log file parser can be exploited to cause denial of service.
5. Denial of service vulnerability in RTPS dissector can be exploited to cause denial of service.
6. Denial of service vulnerability in BLF file parser can be exploited to cause denial of service.
7. Denial of service vulnerability in GDSDB dissector can be exploited to cause denial of service.
8. Denial of service vulnerability in IEEE C37.118 Synchrophasor dissector can be exploited to cause denial of service.

Wireshark 3.6.x earlier than 3.6.14
Wireshark 4.0.x earlier than 4.0.6

Update to the latest version
Download Wireshark

Wireshark • wnpa-sec-2023-15 NetScaler file parser crash
Wireshark • wnpa-sec-2023-12 Candump log file parser crash
Wireshark • wnpa-sec-2023-19 IEEE C37.118 Synchrophasor dissector crash
Wireshark • wnpa-sec-2023-20 XRA dissector infinite loop
Wireshark • wnpa-sec-2023-13 BLF file parser crash
Wireshark • wnpa-sec-2023-18 RTPS dissector crash
Wireshark • wnpa-sec-2023-16 VMS TCPIPtrace file parser crash
Wireshark • wnpa-sec-2023-17 BLF file parser crash
Wireshark • wnpa-sec-2023-14 GDSDB dissector infinite loop