Veracode Vulnerability DatabaseVERACODE:41553Denial Of Service (DoS)
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
41.6%
wireshark is vulnerable to Denial Of Service (DoS). The vulnerability results in the LISP dissector going into a large loop which could allow excessive CPU resource consumption via injecting malformed packets.
References
gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1993.json
gitlab.com/wireshark/wireshark/-/issues/18900
lists.debian.org/debian-lts-announce/2023/04/msg00029.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EHLTD25WNQSPQNELX52UH6YLP4TBLKTT/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZA7IMATNNQPLIM6WMRPM3T5ZY24NRR2/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFJERBHVWYLYWXO2B3V47QH66IEB6EZ3/
lists.fedoraproject.org/archives/list/[email protected]/message/EHLTD25WNQSPQNELX52UH6YLP4TBLKTT/
lists.fedoraproject.org/archives/list/[email protected]/message/FZA7IMATNNQPLIM6WMRPM3T5ZY24NRR2/
lists.fedoraproject.org/archives/list/[email protected]/message/PFJERBHVWYLYWXO2B3V47QH66IEB6EZ3/
security-tracker.debian.org/tracker/CVE-2023-1993
security.gentoo.org/glsa/202309-02
www.debian.org/security/2023/dsa-5429
www.wireshark.org/security/wnpa-sec-2023-10.html
Related
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
41.6%