CVE-2023-0417

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-0417
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0417.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-0417
Related
Published
2023-01-26T21:18:08Z
Modified
2024-09-30T08:59:18.522102Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

References

Affected packages

Debian:11 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.16-0+deb11u1

Affected versions

3.*

3.4.4-1
3.4.6-1~exp1
3.4.7-1~exp1
3.4.7-1
3.4.8-1
3.4.9-1
3.4.10-0+deb11u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/wireshark/wireshark

Affected ranges

Affected versions

v3.*

v3.6.0
v3.6.1
v3.6.10
v3.6.10rc0
v3.6.1rc0
v3.6.2
v3.6.2rc0
v3.6.3
v3.6.3rc0
v3.6.4
v3.6.4rc0
v3.6.5
v3.6.5rc0
v3.6.6
v3.6.6rc0
v3.6.7
v3.6.7rc0
v3.6.8
v3.6.8rc0
v3.6.9
v3.6.9rc0

v4.*

v4.0.0
v4.0.1
v4.0.1rc0
v4.0.2
v4.0.2rc0

wireshark-3.*

wireshark-3.6.0
wireshark-3.6.1
wireshark-3.6.10
wireshark-3.6.2
wireshark-3.6.3
wireshark-3.6.4
wireshark-3.6.5
wireshark-3.6.6
wireshark-3.6.7
wireshark-3.6.8
wireshark-3.6.9

wireshark-4.*

wireshark-4.0.0
wireshark-4.0.1
wireshark-4.0.2