DEBIAN-CVE-2023-2952 — Vulnetix

DEBIAN-CVE-2023-2952 PUBLISHED CVSS 6.5 MEDIUM

XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file

Risk Scores

CVSS 3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:14	wireshark	0, 0, 0
Debian:12	wireshark	4.0.5-1, 0, 4.0.3-1
Debian:11	wireshark	3.4.7-1~exp1, 3.4.8-1, 3.4.9-1
Debian:13	wireshark	0, 0, 0

Timeline

May 30, 2023 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-2952 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›