Description
Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file
References (8)
Core 8
Core References
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202210-04
Third Party Advisory
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0582.json
Exploit, Issue Tracking, Third Party Advisory
https://gitlab.com/wireshark/wireshark/-/issues/17882
Issue Tracking, Vendor Advisory
https://www.wireshark.org/security/wnpa-sec-2022-04.html
Scores
CVSS v3
6.3
EPSS
0.0006
EPSS Percentile
19.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Details
CWE
CWE-476
Status
published
Products (6)
debian/debian_linux
9.0
fedoraproject/fedora
34
fedoraproject/fedora
35
wireshark/wireshark
3.6.0
wireshark/wireshark
3.6.1
wireshark/wireshark
3.4.0 - 3.4.12
Published
Feb 14, 2022
Tracked Since
Feb 18, 2026