CVE-2021-22174

🗓️ 17 Feb 2021 14:24:34Reported by GitLabType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 197 Views

Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture fil

Reporter	Title	Published	Views	Family All 58
ALT Linux	Security fix for the ALT Linux 10 package wireshark version 3.4.3-alt1	24 Feb 202100:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package wireshark version 3.4.3-alt1	1 Mar 202100:00	–	altlinux
AlpineLinux	CVE-2021-22174	17 Feb 202114:24	–	alpinelinux
ArchLinux	[ASA-202102-3] wireshark-cli: denial of service	6 Feb 202100:00	–	archlinux
Circl	CVE-2021-22174	17 Feb 202118:49	–	circl
CNNVD	Wireshark 资源管理错误漏洞	1 Feb 202100:00	–	cnnvd
CNVD	Wireshark Denial of Service Vulnerability (CNVD-2021-11315)	18 Feb 202100:00	–	cnvd
Cvelist	CVE-2021-22174	17 Feb 202114:24	–	cvelist
Debian CVE	CVE-2021-22174	17 Feb 202114:24	–	debiancve
EUVD	EUVD-2021-9320	3 Oct 202520:07	–	euvd

NVD

Vulners

Node

wireshark wiresharkRange3.4.0–3.4.3

Node

fedoraproject fedoraMatch32

fedoraproject fedoraMatch33

Node

oracle zfs_storage_applianceMatch8.8

[
  {
    "product": "Wireshark",
    "vendor": "The Wireshark Foundation",
    "versions": [
      {
        "status": "affected",
        "version": ">=3.4.0, <3.4.3"
      }
    ]
  }
]

Source	Link
gitlab	www.gitlab.com/wireshark/wireshark/-/issues/17165
security	www.security.gentoo.org/glsa/202107-21
wireshark	www.wireshark.org/security/wnpa-sec-2021-02.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GND3PIQC3KZALR227V4YUMPKJBA5BZG4/
oracle	www.oracle.com/security-alerts/cpuApr2021.html
gitlab	www.gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22174.json
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYXLKQJ3D632XSG6VO7M4YFDAG6GRCLY/

21 Nov 2024 05:49Current

7.4High risk

Vulners AI Score7.4

CVSS 25

CVSS 3.13.7 - 7.5

EPSS0.00386

CWE-770