CVE Vulnerabilities

CVE-2021-4182

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: Dec 30, 2021 | Modified: Nov 07, 2023
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name Vendor Start Version End Version
Wireshark Wireshark 3.4.0 (including) 3.4.11 (excluding)
Wireshark Wireshark 3.6.0 (including) 3.6.0 (including)
Wireshark Ubuntu hirsute *
Wireshark Ubuntu impish *
Wireshark Ubuntu kinetic *
Wireshark Ubuntu lunar *
Wireshark Ubuntu mantic *
Wireshark Ubuntu trusty *
Wireshark Ubuntu upstream *
Wireshark Ubuntu xenial *

References