CVE-2024-2955 – Mismatched Memory Management Routines in Wireshark
https://notcve.org/view.php?id=CVE-2024-2955
T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file La falla del disector T.38 en Wireshark 4.2.0 a 4.0.3 y 4.0.0 a 4.0.13 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19695 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7TWJQKXOV4HYI5C4TWRKTN7B5YL7GTU https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZD2MNS6EW2K2SSMN4YBGPZCC47KBDNEE https://www.wireshark.org/security/wnpa-sec-2024-06.html • CWE-762: Mismatched Memory Management Routines •
CVE-2024-0211 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2024-0211
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file El fallo del disector DOCSIS en Wireshark 4.2.0 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19557 https://www.wireshark.org/security/wnpa-sec-2024-05.html • CWE-674: Uncontrolled Recursion •
CVE-2024-0210 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2024-0210
Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file El fallo del disector Zigbee TLV en Wireshark 4.2.0 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19504 https://www.wireshark.org/security/wnpa-sec-2024-04.html • CWE-674: Uncontrolled Recursion •
CVE-2024-0209 – NULL Pointer Dereference in Wireshark
https://notcve.org/view.php?id=CVE-2024-0209
IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file El fallo del disector IEEE 1609.2 en Wireshark 4.2.0, 4.0.0 a 4.0.11 y 3.6.0 a 3.6.19 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19501 https://www.wireshark.org/security/wnpa-sec-2024-02.html • CWE-476: NULL Pointer Dereference •
CVE-2024-0208 – Uncontrolled Recursion in Wireshark
https://notcve.org/view.php?id=CVE-2024-0208
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file El fallo del disector GVCP en Wireshark 4.2.0, 4.0.0 a 4.0.11 y 3.6.0 a 3.6.19 permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado • https://gitlab.com/wireshark/wireshark/-/issues/19496 https://lists.debian.org/debian-lts-announce/2024/02/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34DBP5P2RHQ7XUABPANYYMOGV5KS6VEP https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MADSCHKZSCKQ5NLIX3UMOIJD2JZ65L4V https://www.wireshark.org/security/wnpa-sec-2024-01.html • CWE-674: Uncontrolled Recursion •