CVE-2024-8645

Summary

SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file

Affected Software

VendorProductVersion RangeStatus
Wireshark FoundationWireshark4.2.0 < 4.2.6affected
Wireshark FoundationWireshark4.0.0 < 4.0.16affected

Weaknesses

  • CWE-824: CWE-824: Access of Uninitialized Pointer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References