CVE-2024-24476 — Vulnetix

CVE-2024-24476 PUBLISHED

Es besteht eine Schwachstelle in Wireshark. Dieser Fehler besteht aufgrund eines Heap-Pufferüberlaufs in den Komponenten "pan/addr_resolv.c" und "ws_manuf_lookup_str()". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.

EPSS 2.75% · 85.9th percentile

Risk Scores

EPSS Score

2.75%

85.9th percentile

Affected Products

Vendor	Product	Versions
Fedora	Fedora Linux
SUSE	SUSE Linux

Timeline

Jan 20, 1970 GitHub Gist PoC
Feb 21, 2024 CVE Published
Feb 22, 2024 EPSS Score
Mar 19, 2024 EPSS Score
May 11, 2024 EPSS Score
Jun 6, 2024 EPSS Score
Jul 2, 2024 EPSS Score
Jul 28, 2024 EPSS Score
Sep 19, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 15, 2024 EPSS Score
Nov 10, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0455.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0455 advisory
https://bodhi.fedoraproject.org/updates/FEDORA-2024-4115ab9959 advisory
https://nvd.nist.gov/vuln/detail/CVE-2024-24476 advisory
https://gitlab.com/wireshark/wireshark/-/issues/19344 advisory
https://lists.suse.com/pipermail/sle-security-updates/2024-April/018386.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2024-April/018383.html advisory

Open in Interactive Console →