CVE-2024-24479
- Source
- https://cve.org/CVERecord?id=CVE-2024-24479
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-24479.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-24479
- Downstream
- Published
- 2024-02-21T19:15:09.077Z
- Modified
- 2026-04-12T08:03:53.057040Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/tostr.c, and formatfractionalpartnsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZT2BX7UARZVVWKITSZMHW7BHXGIKRSR2/
- https://gist.github.com/1047524396/c50ad17e9a1a18990043a7cd27814c78
- https://github.com/wireshark/wireshark/commit/c3720cff158c265dec2a0c6104b1d65954ae6bfd
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZT2BX7UARZVVWKITSZMHW7BHXGIKRSR2/
Affected packages
Git / github.com/wireshark/wireshark
Affected versions
Other
backups/ethereal@18706
ethereal-0-3-15
start
ethereal-0.*
ethereal-0.3.15
v1.*
v1.11.0
v1.11.0-rc1
v1.11.1
v1.11.1-rc1
v1.11.2
v1.11.2-rc1
v1.11.3
v1.11.3-rc1
v1.11.4-rc1
v1.99.0
v1.99.0-rc1
v1.99.1
v1.99.10rc0
v1.99.1rc0
v1.99.2
v1.99.2rc0
v1.99.3
v1.99.3rc0
v1.99.4
v1.99.4rc0
v1.99.5
v1.99.5rc0
v1.99.6
v1.99.6rc0
v1.99.7
v1.99.7rc0
v1.99.8
v1.99.8rc0
v1.99.9
v1.99.9rc0
v2.*
v2.1.0
v2.1.0rc0
v2.1.1
v2.1.1rc0
v2.1.2rc0
v2.3.0rc0
v2.5.0
v2.5.0rc0
v2.5.1
v2.5.1rc0
v2.5.2rc0
v2.9.0
v2.9.0rc0
v2.9.1rc0
v3.*
v3.1.0
v3.1.0rc0
v3.1.1
v3.1.1rc0
v3.1.2rc0
v3.3.0
v3.3.0rc0
v3.3.1
v3.3.1rc0
v3.3.2rc0
v3.5.0
v3.5.0rc0
v3.5.1rc0
v3.7.0
v3.7.0rc0
v3.7.1
v3.7.1rc0
v3.7.2
v3.7.2rc0
v3.7.3rc0
v4.*
v4.1.0
v4.1.0rc0
v4.1.1rc0
v4.2.0rc0
v4.2.0rc1
v4.2.0rc2
v4.2.0rc3
wireshark-1.*
wireshark-1.11.3
wireshark-1.99.0
wireshark-1.99.1
wireshark-1.99.2
wireshark-1.99.3
wireshark-1.99.4
wireshark-1.99.5
wireshark-1.99.6
wireshark-1.99.7
wireshark-1.99.8
wireshark-1.99.9
wireshark-2.*
wireshark-2.1.0
wireshark-2.1.1
wireshark-2.5.0
wireshark-4.*
wireshark-4.2.0rc2
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-24479.json"
vanir_signatures_modified
"2026-04-12T08:03:53Z"
vanir_signatures
[
{
"target": {
"file": "wsutil/to_str.c",
"function": "format_fractional_part_nsecs"
},
"id": "CVE-2024-24479-1566cadc",
"source": "https://github.com/wireshark/wireshark/commit/c3720cff158c265dec2a0c6104b1d65954ae6bfd",
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 1169.0,
"function_hash": "155888805329336113343609893697417687789"
},
"signature_version": "v1"
},
{
"target": {
"file": "wsutil/to_str.h"
},
"id": "CVE-2024-24479-171b9041",
"source": "https://github.com/wireshark/wireshark/commit/c3720cff158c265dec2a0c6104b1d65954ae6bfd",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"10804417336935413765225212012166878789",
"88236625623142954427312824889476939618",
"286511033907469300713617669540799876014",
"255409677857841846696738595693689852664"
]
},
"signature_version": "v1"
},
{
"target": {
"file": "wsutil/to_str.c",
"function": "format_nstime_as_iso8601"
},
"id": "CVE-2024-24479-218665fc",
"source": "https://github.com/wireshark/wireshark/commit/c3720cff158c265dec2a0c6104b1d65954ae6bfd",
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 822.0,
"function_hash": "272923392291108522616092164165434440740"
},
"signature_version": "v1"
},
{
"target": {
"file": "wsutil/to_str.c"
},
"id": "CVE-2024-24479-7e3da618",
"source": "https://github.com/wireshark/wireshark/commit/c3720cff158c265dec2a0c6104b1d65954ae6bfd",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"251617619407126323511983018741629123905",
"22525039396966742909549343520707123312",
"80828697064943607562194122774741773118",
"78132602499286968810752434449073224309",
"76281521597198674255788499410165717010",
"181154684687725423613965536382565803029",
"137011584691294130355063537852121535777",
"283815024494423402781742499731059532049",
"189054718194964955161340516682997096541",
"240351707119029260609572794440463954761",
"196147500856251468188233380287320172048",
"117709142303197702331845071603017254559",
"303986112321988643097241757837461935221",
"320020606649097948555480575740459122740",
"201616459656467300383276491848607111536",
"269345404869856906020718678822475205306",
"45758699978056611336281371926656576764",
"154379694341006402288713014257283669441",
"299836948310839979928419654739693996717",
"200537746290196686149531111743980764610",
"15185801837478219690651714628271592952",
"311293024174670594187026067736718197598",
"232609643714483990204589699856776150189",
"151195484853669991701698236942827592609",
"300761421394264225499991899412310461584",
"164900578883660238364016437162650306813",
"83992240496004612405238788868635378374",
"68022697692794590512871234753442025810",
"183348979318201852379358267940401767701",
"77692225789058105685473655103734744396",
"305288398329314513082340933845347617921",
"159438463676127638602886976743203794787",
"313242385140921476364345260233889608586",
"145806104976628115490634081978135941985",
"8630706399213331859077149320452447026",
"41275590827725834195916735241877866453",
"200663719747479102303468852349134745092",
"12280530159707486021781955841873100611",
"81469244850627963487686368152680159336",
"40111169593953588903401252325814912254",
"9637590814064070080470535697886647401",
"109356808541733787754880643221642054910",
"29908978473091679624275622632432781250",
"78303605383707892003874854312856227473",
"27233619995768917662032536383926295633",
"279468366899905605914349865304201754786",
"21594832256052007768724857498125321575",
"288532586751233629117992492787296469273",
"174140758780600632069000441841860957895",
"334028549279982120272373354536643832792",
"69633976411906381779263782849998991942",
"36118961675553710501221193269456567022",
"35339015793124373253477830509597355343",
"146768745913783885773350970410564124845",
"145991944214113680364941133572916579746",
"218787073394521153581650185035885952383",
"314834176210429048892546508815088454702",
"298452601922766600402235824642863064042",
"133914030029416763567417498395205700323",
"47190988313092312681404487528617264075",
"37560946463040990433234209639492240966",
"148112081886527498803018302153117498326",
"225601900986936181313511913543027771688",
"6533630656901470905097066196657384485",
"44169856980885895352955482468115309438",
"27322277752685361411128993759666602491",
"38113158596451060428292862302880567070",
"51955673912138425558206805694223796730",
"11787682598763003583523282682112447105",
"335376258411219007909574376103421078932",
"109208885311882677947270925771847946155",
"323831015767580810751489943312144745295",
"114494824690959931188787123215552860843",
"320474075777153510409679500632714691341",
"102843849727451429862510339177845449035",
"244964362109678243906926034669620374453",
"23732710632301092120829670214302997489",
"52612983034901233312916898212438278447",
"326887741331725939254093264847592017340",
"114545117637352068456121460456135756281",
"78439093606396635625586208240685440655",
"145438006091897523182565992308075841123",
"17598344275206565499842669275708117619",
"241404233579074214760653707673487287830",
"52988760368989630377831115600709576321",
"25230812541906094761933553759026134413",
"234795757737296943674437479446809706168"
]
},
"signature_version": "v1"
}
]
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "40"
}
]
}
]