Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Nov 21, 2024· Updated Mar 27, 2026

Buffer Over-read in Wireshark

CVE-2024-11596

Description

ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

Affected products

10

Wireshark/Wiresharkllm-fuzzy2 versions
>=4.4.0 <=4.4.1, >=4.2.0 <=4.2.8+ 1 more
- (no CPE)range: >=4.4.0 <=4.4.1, >=4.2.0 <=4.2.8
- (no CPE)range: 4.4.0
osv-coords8 versions
pkg:rpm/opensuse/wireshark&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7
< 4.2.9-150600.18.17.1+ 7 more
- (no CPE)range: < 4.2.9-150600.18.17.1
- (no CPE)range: < 4.4.2-2.1
- (no CPE)range: < 11.0.0-150700.4.19.1
- (no CPE)range: < 11.0.0-150700.4.19.1
- (no CPE)range: < 4.2.9-150600.18.17.1
- (no CPE)range: < 4.6.4-150700.21.8.1
- (no CPE)range: < 4.2.9-150600.18.17.1
- (no CPE)range: < 4.6.4-150700.21.8.1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

gitlab.com/wireshark/wireshark/-/issues/20214mitreissue-trackingpermissions-required
www.wireshark.org/security/wnpa-sec-2024-15.htmlmitre

News mentions

0

No linked articles in our index yet.