VDB
CVE-2021-22207
CVE-2021-22207
PUBLISHED
Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file
EPSS 0.41% · 61.5th percentile
Risk Scores
EPSS Score
0.41%
61.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:22.04:LTS | wireshark | 3.6.2-1ubuntu1, 0, 3.4.9-1 |
| Ubuntu:Pro:20.04:LTS | wireshark | 3.2.1-1, 3.2.3-1, 3.2.2-1 |
| Ubuntu:Pro:16.04:LTS | wireshark | 2.6.10-1~ubuntu16.04.0, *, * |
| Ubuntu:25.10 | wireshark | 0, 4.4.5-1, 4.4.6-2 |
| Ubuntu:Pro:14.04:LTS | wireshark | *, 1.10.2-1, 1.10.3-1 |
| Ubuntu:24.04:LTS | wireshark | 4.0.8-1, 0, 4.2.0-1 |
| Ubuntu:Pro:18.04:LTS | wireshark | 2.6.8-1~ubuntu18.04.0, 2.6.10-1~ubuntu18.04.0+esm1, * |
Exploit Intelligence
- FEDORA-2021-6e0508d69d (circl)
- FEDORA-2021-67691ad99d (circl)
- GLSA-202107-21 (circl)
- https://www.oracle.com/security-alerts/cpuoct2021.html (circl)
- DSA-5019 (circl)
- [debian-lts-announce] 20211226 [SECURITY] [DLA 2849-1] wireshark security update (circl)
- https://www.wireshark.org/security/wnpa-sec-2021-04.html (circl)
- https://gitlab.com/wireshark/wireshark/-/issues/17331 (circl)
- https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22207.json (circl)
Timeline
- Apr 23, 2021 CVE Published
- Apr 27, 2021 EPSS Score
- Jun 5, 2021 EPSS Score
- Jun 11, 2021 EPSS Score
- Jun 30, 2021 EPSS Score
- Sep 1, 2021 EPSS Score
- Jan 3, 2022 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 6, 2022 EPSS Score
- May 8, 2022 EPSS Score
- Jul 9, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-22207 third-party-advisory
- https://gitlab.com/wireshark/wireshark/-/issues/17331 third-party-advisory
- https://www.wireshark.org/security/wnpa-sec-2021-04.html third-party-advisory
- https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22207.json third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-22207 third-party-advisory