Multiple vulnerabilities in Wireshark

Description

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

1. Denial of service vulnerability in IEEE 1609.2 and possibly other ASN.1-based dissectors can be exploited to cause denial of service.
2. Denial of service vulnerability in GVCP dissector can be exploited to cause denial of service.

Original advisories

• Wireshark • wnpa-sec-2024-02 IEEE 1609.2 dissector crash

• Wireshark • wnpa-sec-2024-01 GVCP dissector crash

Exploitation

Public exploits exist for this vulnerability.

Related products

• Wireshark

CVE list

• CVE-2024-0209
  warning
• CVE-2024-0208
  warning

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com