CVE-2023-3648

Summary

Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file

Affected Software

VendorProductVersion RangeStatus
Wireshark FoundationWireshark4.0.0 < 4.0.7affected
Wireshark FoundationWireshark3.6.0 < 3.6.15affected

Weaknesses

  • CWE-762: CWE-762: Mismatched Memory Management Routines

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References