Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Sep 10, 2024· Updated Mar 27, 2026

Access of Uninitialized Pointer in Wireshark

CVE-2024-8645

Description

SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file

Affected products

5

osv-coords4 versions
pkg:rpm/opensuse/wireshark&distro=openSUSE%20Leap%2015.6 pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweed pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6 pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6
< 4.2.7-150600.18.11.1+ 3 more
- (no CPE)range: < 4.2.7-150600.18.11.1
- (no CPE)range: < 4.4.0-2.1
- (no CPE)range: < 4.2.7-150600.18.11.1
- (no CPE)range: < 4.2.7-150600.18.11.1
Wireshark/Wiresharkv5
Range: 4.2.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

gitlab.com/wireshark/wireshark/-/issues/19559mitreissue-trackingpermissions-required
www.wireshark.org/security/wnpa-sec-2024-10.htmlmitre

News mentions

0

No linked articles in our index yet.