vulnerability
Amazon Linux 2023: CVE-2024-0209: Important priority package update for wireshark
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:M/Au:N/C:N/I:N/A:C) | Jan 3, 2024 | Feb 17, 2025 | Jul 4, 2025 |
Severity
5
CVSS
(AV:L/AC:M/Au:N/C:N/I:N/A:C)
Published
Jan 3, 2024
Added
Feb 17, 2025
Modified
Jul 4, 2025
Description
IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
A flaw was found in the IEEE 1609.2 and possibly other ASN.1-based dissectors of Wireshark. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
A flaw was found in the IEEE 1609.2 and possibly other ASN.1-based dissectors of Wireshark. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Solutions
amazon-linux-2023-upgrade-wireshark-cliamazon-linux-2023-upgrade-wireshark-cli-debuginfoamazon-linux-2023-upgrade-wireshark-debugsourceamazon-linux-2023-upgrade-wireshark-devel
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.