{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-1161", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "assignerShortName": "GitLab", "dateUpdated": "2024-08-02T05:40:58.008Z", "dateReserved": "2023-03-03T00:00:00", "datePublished": "2023-03-06T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2023-09-17T06:06:31.687700"}, "descriptions": [{"lang": "en", "value": "ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file"}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"version": ">=4.0.0, <4.0.4", "status": "affected"}, {"version": ">=3.6.0, <3.6.12", "status": "affected"}]}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2023-08.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/18839"}, {"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1161.json"}, {"name": "[debian-lts-announce] 20230429 [SECURITY] [DLA 3402-1] wireshark security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00029.html"}, {"name": "DSA-5429", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2023/dsa-5429"}, {"name": "GLSA-202309-02", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202309-02"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Buffer copy without checking size of input ('classic buffer overflow') in Wireshark"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:40:58.008Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2023-08.html", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/18839", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1161.json", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20230429 [SECURITY] [DLA 3402-1] wireshark security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00029.html"}, {"name": "DSA-5429", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2023/dsa-5429"}, {"name": "GLSA-202309-02", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202309-02"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F7FFE8E-2DCE-405E-AEF3-7FF92FCBAC31", "versionEndExcluding": "3.6.12", "versionStartIncluding": "3.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "367479CF-5177-4907-8952-533FDDBC17E6", "versionEndExcluding": "4.0.4", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file"}, {"lang": "es", "value": "El fallo del disector ISO 15765 e ISO 10681 en Wireshark 4.0.0 a 4.0.3 y 3.6.0 a 3.6.11 permite la denegaci\u00f3n de servicio mediante la inyecci\u00f3n de paquetes o un archivo de captura manipulado."}], "id": "CVE-2023-1161", "lastModified": "2023-10-20T18:23:56.467", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cve@gitlab.com", "type": "Secondary"}]}, "published": "2023-03-06T21:15:10.990", "references": [{"source": "cve@gitlab.com", "tags": ["Third Party Advisory"], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1161.json"}, {"source": "cve@gitlab.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/18839"}, {"source": "cve@gitlab.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00029.html"}, {"source": "cve@gitlab.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202309-02"}, {"source": "cve@gitlab.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2023/dsa-5429"}, {"source": "cve@gitlab.com", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2023-08.html"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "wireshark: ISO 15765 and ISO 10681 dissector crash", "id": "2176452", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176452"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "status": "draft"}, "cwe": "CWE-787", "details": ["ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file", "A flaw was found in the ISO 15765 and ISO 10681 dissectors of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an out-of-bounds write, resulting in a Denial of Service and limited memory corruption."], "name": "CVE-2023-1161", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-03-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-1161\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-1161"], "statement": "The ISO 10681 dissector is not available in Wireshark shipped by Red Hat Enterprise Linux 8 and 9 but the ISO 15765 is available in Wireshark shipped by all versions of Red Hat Enterprise Linux.", "threat_severity": "Moderate", "upstream_fix": "wireshark 4.0.4, wireshark 3.6.12"}