CVE-2024-8250

Summary

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

Affected Software

VendorProductVersion RangeStatus
Wireshark FoundationWireshark4.2.0 < 4.2.7affected
Wireshark FoundationWireshark4.0.0 < 4.0.17affected

Weaknesses

  • CWE-825: CWE-825: Expired Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References