GitLabCVELIST:CVE-2021-22207CVE-2021-22207
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.6%
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file
CNA Affected
[
{
"product": "Wireshark",
"vendor": "The Wireshark Foundation",
"versions": [
{
"status": "affected",
"version": ">=3.4.0, <3.4.5"
},
{
"status": "affected",
"version": ">=3.2.0, <3.2.13"
}
]
}
]References
gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22207.json
gitlab.com/wireshark/wireshark/-/issues/17331
lists.debian.org/debian-lts-announce/2021/12/msg00015.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GIWWO27HV4HUKXV6NH6ULHCRAQB26DMD/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NL7ZTMMWIEPHHFK3ONRKATWE7CLIGLFD/
security.gentoo.org/glsa/202107-21
www.debian.org/security/2021/dsa-5019
www.oracle.com/security-alerts/cpuoct2021.html
www.wireshark.org/security/wnpa-sec-2021-04.html
Related
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.6%