vulnerability
Amazon Linux 2023: CVE-2023-2952: Important priority package update for wireshark
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | May 23, 2023 | Feb 17, 2025 | Jul 9, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
May 23, 2023
Added
Feb 17, 2025
Modified
Jul 9, 2025
Description
XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file
A flaw was found in the XRA dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service.
A flaw was found in the XRA dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service.
Solutions
amazon-linux-2023-upgrade-wireshark-cliamazon-linux-2023-upgrade-wireshark-cli-debuginfoamazon-linux-2023-upgrade-wireshark-debugsourceamazon-linux-2023-upgrade-wireshark-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.