CVE-2021-39928
Gentoo Linux Security Advisory 202210-04
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file
Una excepción de puntero NULL en el disector IEEE 802.11 en Wireshark versiones 3.4.0 a 3.4.9 y 3.2.0 a 3.2.17, permite una denegación de servicio por medio de la inyección de paquetes o de un archivo de captura diseñado.
An update that fixes 8 vulnerabilities is now available. This update for wireshark fixes the following issues. IPPUSB dissector crash. Modbus dissector crash. C12.22 dissector crash. Bluetooth DHT dissector large loop. Bluetooth SDP dissector crash. Bluetooth HCI_ISO dissector crash. IEEE 802.11 dissector crash. Bluetooth DHT dissector crash. This update was imported from the SUSE:SLE-15:Update update project.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-08-23 CVE Reserved
- 2021-11-18 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2025-05-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39928.json | Third Party Advisory | |
https://lists.debian.org/debian-lts-announce/2021/12/msg00015.html | Mailing List |
|
URL | Date | SRC |
---|---|---|
https://gitlab.com/wireshark/wireshark/-/issues/17704 | 2024-08-04 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | >= 3.2.0 < 3.2.18 Search vendor "Wireshark" for product "Wireshark" and version " >= 3.2.0 < 3.2.18" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | >= 3.4.0 < 3.4.10 Search vendor "Wireshark" for product "Wireshark" and version " >= 3.4.0 < 3.4.10" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
|