vulnerability
Amazon Linux 2023: CVE-2023-2856: Important priority package update for wireshark
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | May 18, 2023 | Feb 17, 2025 | Jul 4, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
May 18, 2023
Added
Feb 17, 2025
Modified
Jul 4, 2025
Description
VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file
A flaw was found in the VMS TCPIPtrace file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service.
A flaw was found in the VMS TCPIPtrace file parser of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of service.
Solutions
amazon-linux-2023-upgrade-wireshark-cliamazon-linux-2023-upgrade-wireshark-cli-debuginfoamazon-linux-2023-upgrade-wireshark-debugsourceamazon-linux-2023-upgrade-wireshark-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.