CVE-2022-3190

MEDIUM

Wireshark 3.4.0-3.4.15 and 3.6.0-3.6.7 - Denial of Service via F5 Ethernet Trailer Dissector Infinite Loop

Title source: llm

Description

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file

References (6)

Core 6

Core References

Mailing List, Third Party Advisory vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/

Mailing List, Third Party Advisory vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/

Third Party Advisory, VDB Entry

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3190.json

View Writeup ZIP pw:eip

Exploit, Third Party Advisory

https://gitlab.com/wireshark/wireshark/-/issues/18307

Mailing List

https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html

Exploit, Issue Tracking, Third Party Advisory

https://www.wireshark.org/security/wnpa-sec-2022-06.html

Scores

CVSS v3 6.3

EPSS 0.0170

EPSS Percentile 74.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Details

CWE

CWE-835

Status published

Products (3)

fedoraproject/fedora 36

fedoraproject/fedora 37

wireshark/wireshark 3.4.0 - 3.4.16

Published Sep 13, 2022

Tracked Since Feb 18, 2026