CVE-2024-0209

Summary

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file

Affected Software

VendorProductVersion RangeStatus
Wireshark FoundationWireshark4.2.0 < 4.2.1affected
Wireshark FoundationWireshark4.0.0 < 4.0.12affected
Wireshark FoundationWireshark3.6.0 < 3.6.20affected

Weaknesses

  • CWE-476: CWE-476: NULL Pointer Dereference

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References