7.5
CVE-2023-1992
- EPSS 4.62%
- Veröffentlicht 12.04.2023 21:15:15
- Zuletzt bearbeitet 03.11.2025 22:16:03
- Quelle cve@gitlab.com
- CVE-Watchlists
- Unerledigt
RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version10.0
Debian ≫ Debian Linux Version12.0
Fedoraproject ≫ Fedora Version36
Fedoraproject ≫ Fedora Version37
Fedoraproject ≫ Fedora Version38
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.62% | 0.905 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| cve@gitlab.com | 6.3 | 2.8 | 3.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
https://security.gentoo.org/glsa/202309-02
https://lists.debian.org/debian-lts-announce/2023/04/msg00029.html
https://www.debian.org/security/2023/dsa-5429
https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1992.json
https://gitlab.com/wireshark/wireshark/-/issues/18852
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EHLTD25WNQSPQNELX52UH6YLP4TBLKTT/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZA7IMATNNQPLIM6WMRPM3T5ZY24NRR2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PFJERBHVWYLYWXO2B3V47QH66IEB6EZ3/
https://www.wireshark.org/security/wnpa-sec-2023-09.html
https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html