CVE-2022-3190

Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file

Published: Sep 13, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-3190
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWEs:

CWE-835

Affected Software
References

Software	From	Fixed in
wireshark / wireshark	3.4.0	3.4.16
wireshark / wireshark	3.6.0	3.6.8
fedoraproject / fedora	36	36.x
fedoraproject / fedora	37	37.x

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3190.json
https://gitlab.com/wireshark/wireshark/-/issues/18307
https://lists.fedoraproject.org/archives/list/[email protected]/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/
https://lists.fedoraproject.org/archives/list/[email protected]/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CH4NUKZKPY4MFQHFBTONJK2AWES4DFDA/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YR5LIOF5VKS4DC2NQWXTMPPXOYJC46XC/
https://www.wireshark.org/security/wnpa-sec-2022-06.html

Vulnerability Database

289,697

CVE-2022-3190