Unrated severityNVD Advisory· Published Jun 7, 2023· Updated Nov 3, 2025
Wireshark RTPS Parsing Buffer Overflow
CVE-2023-0666
Description
Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.
Affected products
8- osv-coords7 versionspkg:rpm/almalinux/wiresharkpkg:rpm/almalinux/wireshark-clipkg:rpm/almalinux/wireshark-develpkg:rpm/opensuse/wireshark&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweedpkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6
< 1:3.4.10-6.el9+ 6 more
- (no CPE)range: < 1:3.4.10-6.el9
- (no CPE)range: < 1:3.4.10-6.el9
- (no CPE)range: < 1:3.4.10-6.el9
- (no CPE)range: < 4.2.6-150600.18.6.1
- (no CPE)range: < 4.0.6-1.1
- (no CPE)range: < 4.2.6-150600.18.6.1
- (no CPE)range: < 4.2.6-150600.18.6.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- takeonme.org/cves/CVE-2023-0666.htmlmitrethird-party-advisory
- www.wireshark.org/security/wnpa-sec-2023-18.htmlmitrevendor-advisory
- gitlab.com/wireshark/wireshark/-/issues/19085mitreissue-tracking
- www.wireshark.org/docs/relnotes/wireshark-4.0.6.htmlmitrerelease-notes
- security.gentoo.org/glsa/202309-02mitre
- www.debian.org/security/2023/dsa-5429mitre
News mentions
0No linked articles in our index yet.