PRIOn knowledge basePRION:CVE-2023-2879

HistoryMay 26, 2023 - 9:15 p.m.

Design/Logic Flaw

2023-05-2621:15:00

PRIOn knowledge base

www.prio-n.com

wireshark

gdsdb

infinite loop

denial of service

packet injection

crafted capture file

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.2%

GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

CPENameOperatorVersion
debian_linuxeq10.0
debian_linuxeq12.0
wiresharkge3.6.0
wiresharklt3.6.14
wiresharkge4.0.0
wiresharklt4.0.6

Name	Operator	Version
debian_linux	eq	10.0
debian_linux	eq	12.0
wireshark	ge	3.6.0
wireshark	lt	3.6.14
wireshark	ge	4.0.0
wireshark	lt	4.0.6

References

gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2879.json

gitlab.com/wireshark/wireshark/-/issues/19068

lists.debian.org/debian-lts-announce/2023/06/msg00004.html

security.gentoo.org/glsa/202309-02

www.debian.org/security/2023/dsa-5429

www.wireshark.org/security/wnpa-sec-2023-14.html