UBUNTU-CVE-2022-4344

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2022-4344

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-4344.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2022-4344

Related

CVE-2022-4344

Published

2023-01-12T00:15:00Z

Modified

2025-05-28T17:32:12Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

References

Affected packages

Ubuntu:20.04:LTS / wireshark

Package

Name: wireshark
Purl: pkg:deb/ubuntu/wireshark@3.2.3-1?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.0.5-1

3.0.7-1

3.2.1-1

3.2.2-1

3.2.3-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / wireshark

Package

Name: wireshark
Purl: pkg:deb/ubuntu/wireshark@3.6.2-2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.4.7-1~exp1

3.4.9-1

3.6.2-1ubuntu1

3.6.2-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}