Vulnerabilites related to SharkFest Foundation - Wireshark
CVE-2022-3190 (GCVE-0-2022-3190)
Vulnerability from cvelistv5
Published
2022-09-13 00:00
Modified
2024-08-03 01:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Loop with unreachable exit condition ('infinite loop') in Wireshark
Summary
Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SharkFest Foundation | Wireshark |
Version: >=3.6.0, <3.6.8 Version: >=3.4.0, <3.4.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:00:10.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2022-06.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/wireshark/wireshark/-/issues/18307"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3190.json"
},
{
"name": "FEDORA-2022-1f2fbb087e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/"
},
{
"name": "FEDORA-2022-9d4aa8a486",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wireshark",
"vendor": "SharkFest Foundation",
"versions": [
{
"status": "affected",
"version": "\u003e=3.6.0, \u003c3.6.8"
},
{
"status": "affected",
"version": "\u003e=3.4.0, \u003c3.4.16"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jason Cohen"
}
],
"descriptions": [
{
"lang": "en",
"value": "Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Loop with unreachable exit condition (\u0027infinite loop\u0027) in Wireshark",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-17T00:00:00",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://www.wireshark.org/security/wnpa-sec-2022-06.html"
},
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/18307"
},
{
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3190.json"
},
{
"name": "FEDORA-2022-1f2fbb087e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/"
},
{
"name": "FEDORA-2022-9d4aa8a486",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2022-3190",
"datePublished": "2022-09-13T00:00:00",
"dateReserved": "2022-09-12T00:00:00",
"dateUpdated": "2024-08-03T01:00:10.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}