CVE-2021-39924
HIGHWireshark 3.2.0-3.2.17 and 3.4.0-3.4.9 - Denial of Service via Bluetooth DHT Dissector
Title source: llmDescription
Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
References (8)
Core 8
Core References
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YEWTIRMC2MFQBZ2O5M4CJHJM4JPBHLXH/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6AJFIYIHS3TYDD2EBYBJ5KKE52X34BJ/
Third Party Advisory vendor-advisory
https://www.debian.org/security/2021/dsa-5019
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2021/12/msg00015.html
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202210-04
Third Party Advisory
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39924.json
Exploit, Issue Tracking, Patch, Third Party Advisory
https://gitlab.com/wireshark/wireshark/-/issues/17677
Vendor Advisory
https://www.wireshark.org/security/wnpa-sec-2021-10.html
Scores
CVSS v3
7.5
EPSS
0.0493
EPSS Percentile
91.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-834
Status
published
Products (4)
debian/debian_linux
9.0
fedoraproject/fedora
34
fedoraproject/fedora
35
wireshark/wireshark
3.2.0 - 3.2.17
Published
Nov 19, 2021
Tracked Since
Feb 18, 2026