Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-4345

Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

Published

2023-01-12T04:15:10.663

Last Modified

2025-04-08T17:15:34.117

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-835
Type: Secondary
CWE-835

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	wireshark	wireshark	< 3.6.10	Yes
Application	wireshark	wireshark	< 4.0.2	Yes

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4345.json Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2023/02/msg00007.html ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDZMWIKH3L5JQZC6GSVOJ3N5UXNQPJGQ/ ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGWIW6K64PKC375YAONYXKIVT2FDEDV3/ ([email protected])
https://www.wireshark.org/security/wnpa-sec-2022-09.html Vendor Advisory ([email protected])
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4345.json Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/02/msg00007.html (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDZMWIKH3L5JQZC6GSVOJ3N5UXNQPJGQ/ (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGWIW6K64PKC375YAONYXKIVT2FDEDV3/ (af854a3a-2127-422b-91ae-364da2661108)
https://www.wireshark.org/security/wnpa-sec-2022-09.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)