vulnerability

Red Hat: CVE-2019-12295: wireshark: missing dissection recursion checks leads to denial of service

Name: Red Hat: CVE-2019-12295: wireshark: missing dissection recursion checks leads to denial of service
Creator: Red Hat
Published: 2019-05-23T00:00:00.000Z
Keywords: CVE, Red Hat, 2019, 12295, wireshark, no-fix-redhat-rpm-package, Severity 5

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

May 23, 2019

Added

Jul 9, 2025

Modified

Jul 9, 2025

Description

In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion.

Solution

no-fix-redhat-rpm-package

References

NVD-CVE-2019-12295

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report