Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2024-4854
HistoryMay 15, 2024 - 10:24 p.m.

CVE-2024-4854

2024-05-1522:24:58
redhat.com
access.redhat.com
28
wireshark
denial of service
packet injection
crafted capture file
cve-2024-4854
mongo
zigbee
tlv dissector
infinite loops

CVSS3

6.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H

AI Score

6.1

Confidence

High

EPSS

0

Percentile

10.3%

JSON

A flaw was found in the MONGO and ZigBee TLV dissectors of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Related

nvd 1
ubuntucve 1
cve 1
debiancve 1
alpinelinux 1
cvelist 1
vulnrichment 1
openvas 7
nessus 10
mageia 1
fedora 2
photon 2
redos 1
nvd
nvd
CVE-2024-4854
2024-05-14 15:45:18
ubuntucve
ubuntucve
CVE-2024-4854
2024-05-14 00:00:00
cve
cve
CVE-2024-4854
2024-05-14 15:45:18
debiancve
debiancve
CVE-2024-4854
2024-05-14 15:45:18
alpinelinux
alpinelinux
CVE-2024-4854
2024-05-14 15:45:18
cvelist
cvelist
CVE-2024-4854 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
2024-05-14 00:03:12
vulnrichment
vulnrichment
CVE-2024-4854 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
2024-05-14 00:03:12
openvas
openvas
Wireshark Multiple Vulnerabilities (Jun 2024) - Linux
2024-06-26 00:00:00
Wireshark Multiple Vulnerabilities (Jun 2024) - Mac OS X
2024-06-26 00:00:00
Wireshark Multiple Vulnerabilities (Jun 2024) - Windows
2024-06-26 00:00:00
nessus
nessus
Wireshark 3.6.x < 3.6.23 Multiple Vulnerabilities (macOS)
2024-05-15 00:00:00
Wireshark 3.6.x < 3.6.23 Multiple Vulnerabilities
2024-05-15 00:00:00
Wireshark 4.2.x < 4.2.5 Multiple Vulnerabilities (macOS)
2024-05-15 00:00:00
mageia
mageia
Updated wireshark packages fix security vulnerabilities
2024-06-03 21:30:48
fedora
fedora
[SECURITY] Fedora 40 Update: wireshark-4.2.5-1.fc40
2024-05-31 01:17:07
[SECURITY] Fedora 39 Update: wireshark-4.0.15-1.fc39
2024-05-31 02:14:13
photon
photon
Moderate Photon OS Security Update - PHSA-2024-5.0-0275
2024-05-22 00:00:00
Moderate Photon OS Security Update - PHSA-2024-4.0-0614
2024-05-22 00:00:00
redos
redos
ROS-20240606-03
2024-06-06 00:00:00

CVSS3

6.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H

AI Score

6.1

Confidence

High

EPSS

0

Percentile

10.3%

JSON
Related for RH:CVE-2024-4854
nvd1ubuntucve1cve1debiancve1alpinelinux1cvelist1vulnrichment1openvas7nessus10mageia1fedora2photon2redos1