CVE Vulnerabilities

CVE-2024-4854

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: May 14, 2024 | Modified: Apr 18, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
6.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name Vendor Start Version End Version
Fedora Fedoraproject 39 (including) 39 (including)
Fedora Fedoraproject 40 (including) 40 (including)
Wireshark Ubuntu mantic *
Wireshark Ubuntu trusty/esm *

References