CVE-2024-4853
LOW
Wireshark 3.6.0-3.6.22 and 4.0.0-4.0.14 and 4.2.0-4.2.4 - Denial of Service via Crafted Capture File
Title source: llm
Description
Memory handling issue in editcap could cause denial of service via crafted capture file
References (5)
Core References
Vendor Advisory
https://www.wireshark.org/security/wnpa-sec-2024-08.html
Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/
Mailing List
https://lists.fedoraproject.org/archives/list/[email protected]/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ/
Exploit, Issue Tracking (tags: issue-tracking, permissions-required)
https://gitlab.com/wireshark/wireshark/-/issues/19724
Scores
CVSS v3
3.6
EPSS
0.0006
EPSS Percentile
18.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-762
CWE-787
Status
published
Products (6)
fedoraproject/fedora
39
fedoraproject/fedora
40
wireshark/wireshark
3.6.0 - 3.6.23
Wireshark Foundation/editcap
3.6.0 - 3.6.23
Wireshark Foundation/editcap
4.0.0 - 4.0.15
Wireshark Foundation/editcap
4.2.0 - 4.2.5
Published
May 14, 2024
Tracked Since
Feb 18, 2026