CVE-2023-2857

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-2857

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2857.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-2857

Downstream

DEBIAN-CVE-2023-2857

DSA-5429-1

OESA-2023-1321

OESA-2023-1322

SUSE-SU-2023:2320-1

SUSE-SU-2023:3252-1

UBUNTU-CVE-2023-2857

openSUSE-SU-2024:12958-1

Related

Published

2023-05-26T00:00:00Z

Modified

2026-02-11T07:44:01.799729Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVSS Calculator

Summary

[none]

Details

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Database specific

{
    "cna_assigner": "GitLab",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/2xxx/CVE-2023-2857.json"
}

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

0cbe09cd796b2ea24c6069b76ea16df7f51cf67b

Fixed

375780df613217f1fe44b165237e88d6510e4afd

Introduced

ba9ee40baf83d616a04dbc897ed80fda0f5403cc

Fixed

c17fca73b7f92a1a9d67c52fc83b924e02e56e30

Affected versions

v4.*

v4.0.0

v4.0.1

v4.0.10

v4.0.10rc0

v4.0.11

v4.0.11rc0

v4.0.12

v4.0.12rc0

v4.0.13

v4.0.13rc0

v4.0.14

v4.0.14rc0

v4.0.15

v4.0.15rc0

v4.0.16

v4.0.16rc0

v4.0.17

v4.0.17rc0

v4.0.18rc0

v4.0.1rc0

v4.0.2

v4.0.2rc0

v4.0.3

v4.0.3rc0

v4.0.4

v4.0.4rc0

v4.0.5

v4.0.5rc0

v4.0.6

v4.0.6rc0

v4.0.7

v4.0.7rc0

v4.0.8

v4.0.8rc0

v4.0.9

v4.0.9rc0

wireshark-4.*

wireshark-4.0.0

wireshark-4.0.1

wireshark-4.0.10

wireshark-4.0.11

wireshark-4.0.12

wireshark-4.0.13

wireshark-4.0.14

wireshark-4.0.15

wireshark-4.0.16

wireshark-4.0.17

wireshark-4.0.2

wireshark-4.0.3

wireshark-4.0.4

wireshark-4.0.5

wireshark-4.0.6

wireshark-4.0.7

wireshark-4.0.8

wireshark-4.0.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2857.json"

Git / gitlab.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://gitlab.com/wireshark/wireshark
Events: Introduced

3a34e44d02c9c91f9f851bd6f29ff4505131b127

Fixed

83f40263b97ea6e41587240bbef8e0e467e55ea7

Affected versions

v3.*

v3.6.0

v3.6.1

v3.6.10

v3.6.10rc0

v3.6.11

v3.6.11rc0

v3.6.12

v3.6.12rc0

v3.6.13

v3.6.13rc0

v3.6.14rc0

v3.6.1rc0

v3.6.2

v3.6.2rc0

v3.6.3

v3.6.3rc0

v3.6.4

v3.6.4rc0

v3.6.5

v3.6.5rc0

v3.6.6

v3.6.6rc0

v3.6.7

v3.6.7rc0

v3.6.8

v3.6.8rc0

v3.6.9

v3.6.9rc0

wireshark-3.*

wireshark-3.6.0

wireshark-3.6.1

wireshark-3.6.10

wireshark-3.6.11

wireshark-3.6.12

wireshark-3.6.13

wireshark-3.6.2

wireshark-3.6.3

wireshark-3.6.4

wireshark-3.6.5

wireshark-3.6.6

wireshark-3.6.7

wireshark-3.6.8

wireshark-3.6.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-2857.json"