CVE-2023-2906

6.5 MEDIUM

Published: August 25, 2023 Modified: November 03, 2025

Description

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://gitlab.com/wireshark/wireshark/-/issues/19229

Source: cve@takeonme.org

Exploit Issue Tracking Patch Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HCUPLDY7HLPO46PHMGIJSUBJFTT237C/

Source: cve@takeonme.org

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4AVRUYSHDNEAJILVSGY5W6MPOMG2YRF/

Source: cve@takeonme.org

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRKHFQPWFU7F3OXTL6IEIQSJG6FVXZTZ/

Source: cve@takeonme.org

https://takeonme.org/cves/CVE-2023-2906.html

Source: cve@takeonme.org

Exploit Third Party Advisory

https://gitlab.com/wireshark/wireshark/-/issues/19229