CVE-2021-39928
HIGHWireshark 3.2.0-3.2.17 and 3.4.0-3.4.9 - Denial of Service via IEEE 802.11 Dissector
Title source: llmDescription
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
References (8)
Core 8
Core References
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YEWTIRMC2MFQBZ2O5M4CJHJM4JPBHLXH/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6AJFIYIHS3TYDD2EBYBJ5KKE52X34BJ/
Third Party Advisory vendor-advisory
https://www.debian.org/security/2021/dsa-5019
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2021/12/msg00015.html
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202210-04
Third Party Advisory
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39928.json
Exploit, Issue Tracking, Third Party Advisory
https://gitlab.com/wireshark/wireshark/-/issues/17704
Vendor Advisory
https://www.wireshark.org/security/wnpa-sec-2021-13.html
Scores
CVSS v3
7.5
EPSS
0.0134
EPSS Percentile
80.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (4)
debian/debian_linux
9.0
fedoraproject/fedora
34
fedoraproject/fedora
35
wireshark/wireshark
3.2.0 - 3.2.18
Published
Nov 18, 2021
Tracked Since
Feb 18, 2026