CVE-2023-0412

Published: Jan 26, 2023Modified: Nov 3, 2025

7.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Exploitability: 2.8 / Impact: 4.2

Source: NVD

Description

TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file

Affected (3)

Products: Wireshark: Wireshark · Debian: Debian Linux

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	From 3.6.0 to 3.6.10
Wireshark Wireshark	From 4.0.0 to 4.0.2

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Related CWEs

Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

References (9)

https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0412.json

Source: cve@gitlab.com

Issue Tracking

https://gitlab.com/wireshark/wireshark/-/issues/18770

Source: cve@gitlab.com

Issue TrackingPatch

https://lists.debian.org/debian-lts-announce/2023/02/msg00007.html

Source: cve@gitlab.com

Mailing ListThird Party Advisory

https://www.wireshark.org/security/wnpa-sec-2023-07.html

Source: cve@gitlab.com

Vendor Advisory

https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0412.json

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

https://gitlab.com/wireshark/wireshark/-/issues/18770

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatch

https://lists.debian.org/debian-lts-announce/2023/02/msg00007.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.wireshark.org/security/wnpa-sec-2023-07.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.