Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted capture file

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3906 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-3906-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                          Adrian Bunk     September 30, 2024                            https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : wireshark     Version        : 3.4.16-0+deb11u1     CVE ID         : CVE-2021-4181 CVE-2021-4182 CVE-2021-4184 CVE-2021-4185                      CVE-2021-4186 CVE-2021-4190 CVE-2022-0581 CVE-2022-0582                      CVE-2022-0583 CVE-2022-0585 CVE-2022-0586 CVE-2022-3190                      CVE-2022-4344 CVE-2022-4345 CVE-2023-0411 CVE-2023-0412                      CVE-2023-0413 CVE-2023-0415 CVE-2023-0416 CVE-2023-0417                      CVE-2023-0666 CVE-2023-0667 CVE-2023-0668 CVE-2023-1161                      CVE-2023-1992 CVE-2023-1993 CVE-2023-1994 CVE-2023-2855                      CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2906                      CVE-2023-2952 CVE-2023-3648 CVE-2023-3649 CVE-2023-4511                      CVE-2023-4512 CVE-2023-4513 CVE-2023-6175 CVE-2024-0208                      CVE-2024-0209 CVE-2024-0211 CVE-2024-2955 CVE-2024-4853                      CVE-2024-4854 CVE-2024-8250 CVE-2024-8645     Debian Bug     : 1033756 1034721 1041101 1059925 1068111 1080298

    Multiple vulnerabilities have been fixed in the network traffic analyzer     Wireshark.

    CVE-2021-4181

        Sysdig Event dissector crash

    CVE-2021-4182

        RFC 7468 dissector crash

    CVE-2021-4184

        BitTorrent DHT dissector infinite loop

    CVE-2021-4185

        RTMPT dissector infinite loop

    CVE-2021-4186

        Gryphon dissector crash

    CVE-2021-4190

        Kafka dissector large loop DoS

    CVE-2022-0581

        CMS protocol dissector crash

    CVE-2022-0582

        CSN.1 protocol dissector unaligned access

    CVE-2022-0583

        PVFS protocol dissector crash

    CVE-2022-0585

        Large loops in multiple dissectors

    CVE-2022-0586

        RTMPT protocol dissector infinite loop

    CVE-2022-3190

        F5 Ethernet Trailer dissector infinite loop

    CVE-2022-4344

        Kafka protocol dissector memory exhaustion

    CVE-2022-4345

        Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors

    CVE-2023-0411

        Excessive loops in the BPv6, NCP and RTPS protocol dissectors

    CVE-2023-0412

        TIPC dissector crash

    CVE-2023-0413

        Dissection engine bug DoS

    CVE-2023-0415

        iSCSI dissector crash

    CVE-2023-0416

        GNW dissector crash

    CVE-2023-0417

        NFS dissector memory leak

    CVE-2023-0666

        RTPS parsing heap overflow

    CVE-2023-0667

        MSMMS dissector buffer overflow

    CVE-2023-0668

        IEEE C37.118 Synchrophasor dissector crash

    CVE-2023-1161

        ISO 15765 dissector crash

    CVE-2023-1992

        RPCoRDMA dissector crash

    CVE-2023-1993

        LISP dissector large loop

    CVE-2023-1994

        GQUIC dissector crash

    CVE-2023-2855

        Candump log parser crash

    CVE-2023-2856

        VMS TCPIPtrace file parser crash

    CVE-2023-2858

        NetScaler file parser crash

    CVE-2023-2879

        GDSDB dissector infinite loop

    CVE-2023-2906

        CP2179 dissector crash

    CVE-2023-2952

        XRA dissector infinite loop

    CVE-2023-3648

        Kafka dissector crash

    CVE-2023-3649

        iSCSI dissector crash

    CVE-2023-4511

        BT SDP dissector infinite loop

    CVE-2023-4512

        CBOR dissector crash

    CVE-2023-4513

        BT SDP dissector memory leak

    CVE-2023-6175

        NetScreen file parser crash

    CVE-2024-0208

        GVCP dissector crash

    CVE-2024-0209

        IEEE 1609.2 dissector crash

    CVE-2024-0211

        DOCSIS dissector crash

    CVE-2024-2955

        T.38 dissector crash

    CVE-2024-4853

        Editcap byte chopping crash

    CVE-2024-4854

        MONGO dissector infinite loop

    CVE-2024-8250

        NTLMSSP dissector crash

    CVE-2024-8645

        SPRT dissector crash

    For Debian 11 bullseye, these problems have been fixed in version     3.4.16-0+deb11u1.

    We recommend that you upgrade your wireshark packages.

    For the detailed security status of wireshark please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/wireshark

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the wireshark package has been released.

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - wireshark: Kafka dissector infinite loop (CVE-2021-4190)

  - wireshark: ISO 15765 and ISO 10681 dissector crash (CVE-2023-1161)

  - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4181)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-038 advisory.

  - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via     packet injection or crafted capture file (CVE-2021-39920)

  - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39921)

  - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of     service via packet injection or crafted capture file (CVE-2021-39922)

  - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service     via packet injection or crafted capture file (CVE-2021-39923)

  - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of     service via packet injection or crafted capture file (CVE-2021-39924)

  - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39925)

  - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service     via packet injection or crafted capture file (CVE-2021-39926)

  - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39928)

  - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17     allows denial of service via packet injection or crafted capture file (CVE-2021-39929)

  - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4181)

  - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet     injection or crafted capture file (CVE-2021-4182)

  - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of     service via packet injection or crafted capture file (CVE-2021-4184)

  - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4185)

  - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection     or crafted capture file (CVE-2021-4186)

  - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or     crafted capture file (CVE-2021-4190)

  - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0581)

  - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows     denial of service via packet injection or crafted capture file (CVE-2022-0582)

  - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0583)

  - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial     of service via packet injection or crafted capture file (CVE-2022-0585)

  - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0586)

  - Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to     3.4.15 allows denial of service via packet injection or crafted capture file (CVE-2022-3190)

  - Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet     injection or crafted capture file (CVE-2022-3725)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-226 advisory.

  - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via     packet injection or crafted capture file (CVE-2021-39920)

  - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39921)

  - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of     service via packet injection or crafted capture file (CVE-2021-39922)

  - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service     via packet injection or crafted capture file (CVE-2021-39923)

  - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of     service via packet injection or crafted capture file (CVE-2021-39924)

  - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39925)

  - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service     via packet injection or crafted capture file (CVE-2021-39926)

  - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39928)

  - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17     allows denial of service via packet injection or crafted capture file (CVE-2021-39929)

  - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4181)

  - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet     injection or crafted capture file (CVE-2021-4182)

  - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of     service via packet injection or crafted capture file (CVE-2021-4184)

  - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4185)

  - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection     or crafted capture file (CVE-2021-4186)

  - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or     crafted capture file (CVE-2021-4190)

  - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0581)

  - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows     denial of service via packet injection or crafted capture file (CVE-2022-0582)

  - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0583)

  - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial     of service via packet injection or crafted capture file (CVE-2022-0585)

  - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0586)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-202210-04 (Wireshark: Multiple Vulnerabilities)

  - Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet     injection or crafted capture file (CVE-2021-22235)

  - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via     packet injection or crafted capture file (CVE-2021-39920)

  - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39921)

  - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of     service via packet injection or crafted capture file (CVE-2021-39922)

  - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of     service via packet injection or crafted capture file (CVE-2021-39924)

  - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39925)

  - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service     via packet injection or crafted capture file (CVE-2021-39926)

  - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39928)

  - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17     allows denial of service via packet injection or crafted capture file (CVE-2021-39929)

  - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4181)

  - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet     injection or crafted capture file (CVE-2021-4182)

  - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file     (CVE-2021-4183)

  - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of     service via packet injection or crafted capture file (CVE-2021-4184)

  - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4185)

  - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection     or crafted capture file (CVE-2021-4186)

  - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or     crafted capture file (CVE-2021-4190)

  - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0581)

  - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows     denial of service via packet injection or crafted capture file (CVE-2022-0582)

  - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0583)

  - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial     of service via packet injection or crafted capture file (CVE-2022-0585)

  - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0586)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-079 advisory.

  - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via     packet injection or crafted capture file (CVE-2021-39920)

  - NULL pointer exception in the Modbus dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39921)

  - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of     service via packet injection or crafted capture file (CVE-2021-39922)

  - Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service     via packet injection or crafted capture file (CVE-2021-39923)

  - Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of     service via packet injection or crafted capture file (CVE-2021-39924)

  - Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39925)

  - Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service     via packet injection or crafted capture file (CVE-2021-39926)

  - NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows     denial of service via packet injection or crafted capture file (CVE-2021-39928)

  - Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17     allows denial of service via packet injection or crafted capture file (CVE-2021-39929)

  - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4181)

  - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet     injection or crafted capture file (CVE-2021-4182)

  - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of     service via packet injection or crafted capture file (CVE-2021-4184)

  - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4185)

  - Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection     or crafted capture file (CVE-2021-4186)

  - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or     crafted capture file (CVE-2021-4190)

  - Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0581)

  - Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows     denial of service via packet injection or crafted capture file (CVE-2022-0582)

  - Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0583)

  - Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial     of service via packet injection or crafted capture file (CVE-2022-0585)

  - Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of     service via packet injection or crafted capture file (CVE-2022-0586)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0375-1 advisory.

  - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4181)

  - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet     injection or crafted capture file (CVE-2021-4182)

  - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file     (CVE-2021-4183)

  - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of     service via packet injection or crafted capture file (CVE-2021-4184)

  - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4185)

  - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or     crafted capture file (CVE-2021-4190)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0375-1 advisory.

  - Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4181)

  - Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet     injection or crafted capture file (CVE-2021-4182)

  - Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file     (CVE-2021-4183)

  - Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of     service via packet injection or crafted capture file (CVE-2021-4184)

  - Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via     packet injection or crafted capture file (CVE-2021-4185)

  - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or     crafted capture file (CVE-2021-4190)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 3.4.12. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.4.12 advisory.

  - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or     crafted capture file (CVE-2021-4190)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.4.12. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.4.12 advisory.

  - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or     crafted capture file (CVE-2021-4190)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote Windows host is prior to 3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.1 advisory.

  - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive     CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed     packet trace file. (CVE-2021-4185)

  - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2021-4184)

  - The pcapng file parser could crash. It may be possible to make Wireshark crash by convincing someone to     read a malformed packet trace file. (CVE-2021-4183)

  - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume     excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)

  - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2021-4181)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.1 advisory.

  - The RTMPT dissector could go into an infinite loop. It may be possible to make Wireshark consume excessive     CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed     packet trace file. (CVE-2021-4185)

  - The BitTorrent DHT dissector could go into an infinite loop. It may be possible to make Wireshark crash by     injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2021-4184)

  - The pcapng file parser could crash. It may be possible to make Wireshark crash by convincing someone to     read a malformed packet trace file. (CVE-2021-4183)

  - The RFC 7468 file parser could go into an infinite loop. It may be possible to make Wireshark consume     excessive CPU resources by convincing someone to read a malformed packet trace file. (CVE-2021-4182)

  - The Sysdig Event dissector could crash. It may be possible to make Wireshark crash by injecting a     malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
    (CVE-2021-4181)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
207910	Debian dla-3906 : libwireshark-data - security update	Nessus	Debian Local Security Checks	critical
203827	Photon OS 3.0: Wireshark PHSA-2022-3.0-0352	Nessus	PhotonOS Local Security Checks	high
203179	Photon OS 4.0: Wireshark PHSA-2022-4.0-0145	Nessus	PhotonOS Local Security Checks	high
199485	RHEL 9 : wireshark (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	high
173123	Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-038)	Nessus	Amazon Linux Local Security Checks	critical
168574	Amazon Linux 2022 : wireshark (ALAS2022-2022-226)	Nessus	Amazon Linux Local Security Checks	critical
166163	GLSA-202210-04 : Wireshark: Multiple Vulnerabilities	Nessus	Gentoo Local Security Checks	critical
164754	Amazon Linux 2022 : (ALAS2022-2022-079)	Nessus	Amazon Linux Local Security Checks	critical
158062	SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2022:0375-1)	Nessus	SuSE Local Security Checks	high
158058	openSUSE 15 Security Update : wireshark (openSUSE-SU-2022:0375-1)	Nessus	SuSE Local Security Checks	high
157893	Wireshark 3.4.x < 3.4.12 A Vulnerability	Nessus	Windows	critical
157892	Wireshark 3.4.x < 3.4.12 A Vulnerability (macOS)	Nessus	MacOS X Local Security Checks	critical
156388	Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities	Nessus	Windows	high
156387	Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities (macOS)	Nessus	MacOS X Local Security Checks	high

Detections

Analytics

CVE-2021-4190

high

Tenable Plugins

critical

high

high

high

critical

critical

critical

critical

high

high

critical

critical

high

high