vulnerability

Amazon Linux 2023: CVE-2024-8250: Medium priority package update for wireshark

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:N/I:N/A:C)	2024-08-29	2025-02-17	2025-02-17

Severity

CVSS

(AV:L/AC:L/Au:N/C:N/I:N/A:C)

Published

2024-08-29

Added

2025-02-17

Modified

2025-02-17

Description

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file
A flaw was found in wireshark. Affected versions of wireshark allow denial of service via packet injection or crafted capture file. It may be possible to cause Wireshark to crash by injecting a malformed packet onto the wire or convincing someone to read a malformed packet trace file.

Solution(s)

amazon-linux-2023-upgrade-wireshark-cliamazon-linux-2023-upgrade-wireshark-cli-debuginfoamazon-linux-2023-upgrade-wireshark-debugsourceamazon-linux-2023-upgrade-wireshark-devel

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today