CVE-2024-11596

Summary

ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file

Affected Software

VendorProductVersion RangeStatus
Wireshark FoundationWireshark4.4.0 < 4.4.2affected
Wireshark FoundationWireshark4.2.0 < 4.2.9affected

Weaknesses

  • CWE-126: CWE-126: Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References