Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published May 26, 2023· Updated Jan 15, 2025

CVE-2023-2857

CVE-2023-2857

Description

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Affected products

11

osv-coords10 versions
pkg:rpm/opensuse/wireshark&distro=openSUSE%20Leap%2015.4 pkg:rpm/opensuse/wireshark&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3 pkg:rpm/suse/wireshark&distro=SUSE%20Manager%20Proxy%204.2 pkg:rpm/suse/wireshark&distro=SUSE%20Manager%20Server%204.2
< 3.6.14-150000.3.92.1+ 9 more
- (no CPE)range: < 3.6.14-150000.3.92.1
- (no CPE)range: < 3.6.14-150000.3.92.1
- (no CPE)range: < 4.0.6-1.1
- (no CPE)range: < 3.6.14-150000.3.92.1
- (no CPE)range: < 3.6.14-150000.3.92.1
- (no CPE)range: < 3.6.14-150000.3.92.1
- (no CPE)range: < 3.6.14-150000.3.92.1
- (no CPE)range: < 3.6.14-150000.3.92.1
- (no CPE)range: < 3.6.15-150000.3.97.1
- (no CPE)range: < 3.6.15-150000.3.97.1
Wireshark/Wiresharkv5
Range: >=4.0.0, <4.0.6

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

security.gentoo.org/glsa/202309-02mitrevendor-advisory
www.debian.org/security/2023/dsa-5429mitrevendor-advisory
gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2857.jsonmitre
gitlab.com/wireshark/wireshark/-/issues/19063mitre
www.wireshark.org/security/wnpa-sec-2023-13.htmlmitre

News mentions

0

No linked articles in our index yet.