CVE-2023-0666

Wireshark RTPS Parsing Buffer Overflow

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

Debido a un fallo en la validación de la longitud proporcionada por un atacante de paquetes manipulados RTPS, Wireshark v4.0.5 y anteriores, por defecto, es susceptible a un desbordamiento de búfer de pila y posiblemente la ejecución de código en el contexto del proceso que ejecuta Wireshark.

A flaw was found in the RTPS dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service.

*Credits: Austin Hackers Anonymous!, Austin Hackers Anonymous!

CVSS Scores

NISTv3.1 6.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-02-03 CVE Reserved
2023-05-25 CVE Published
2024-08-02 CVE Updated
2024-08-02 First Exploit
2024-09-11 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-122: Heap-based Buffer Overflow
CWE-787: Out-of-bounds Write

CAPEC

CAPEC-100: Overflow Buffers

References (8)

URL	Tag	Source
https://security.gentoo.org/glsa/202309-02	Third Party Advisory
https://www.debian.org/security/2023/dsa-5429	Third Party Advisory
https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html	Release Notes

URL	Date	SRC
https://gitlab.com/wireshark/wireshark/-/issues/19085	2024-08-02
https://takeonme.org/cves/CVE-2023-0666.html	2024-08-02

URL	Date	SRC

URL	Date	SRC
https://www.wireshark.org/security/wnpa-sec-2023-18.html	2023-10-20
https://access.redhat.com/security/cve/CVE-2023-0666	2023-11-14
https://bugzilla.redhat.com/show_bug.cgi?id=2210832	2023-11-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Wireshark Search vendor "Wireshark"		Wireshark Search vendor "Wireshark" for product "Wireshark"				>= 4.0.0 < 4.0.6 Search vendor "Wireshark" for product "Wireshark" and version " >= 4.0.0 < 4.0.6"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				12.0 Search vendor "Debian" for product "Debian Linux" and version "12.0"		-		Affected