{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-11595", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2024-11-21T09:30:45.415Z", "datePublished": "2024-11-21T09:30:54.899Z", "dateUpdated": "2024-11-22T15:16:02.829Z"}, "containers": {"cna": {"title": "Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark", "descriptions": [{"lang": "en", "value": "FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file"}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"version": "4.4.0", "status": "affected", "lessThan": "4.4.2", "versionType": "semver"}, {"version": "4.2.0", "status": "affected", "lessThan": "4.2.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')", "cweId": "CWE-835", "type": "CWE"}]}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2024-14.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20176", "name": "GitLab Issue #20176", "tags": ["issue-tracking", "permissions-required"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.4.2, 4.2.9 or above."}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-11-21T09:30:54.899Z"}}, "adp": [{"affected": [{"vendor": "wireshark", "product": "wireshark", "cpes": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "4.4.0", "status": "affected", "lessThan": "4.4.2", "versionType": "semver"}, {"version": "4.2.0", "status": "affected", "lessThan": "4.2.9", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-22T15:14:41.363050Z", "id": "CVE-2024-11595", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-22T15:16:02.829Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-11595", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-22T15:14:41.363050Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*"], "vendor": "wireshark", "product": "wireshark", "versions": [{"status": "affected", "version": "4.4.0", "lessThan": "4.4.2", "versionType": "semver"}, {"status": "affected", "version": "4.2.0", "lessThan": "4.2.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-22T15:15:56.177Z"}}], "cna": {"title": "Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"status": "affected", "version": "4.4.0", "lessThan": "4.4.2", "versionType": "semver"}, {"status": "affected", "version": "4.2.0", "lessThan": "4.2.9", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.4.2, 4.2.9 or above."}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2024-14.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20176", "name": "GitLab Issue #20176", "tags": ["issue-tracking", "permissions-required"]}], "descriptions": [{"lang": "en", "value": "FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-835", "description": "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-11-21T09:30:54.899Z"}}}, "cveMetadata": {"cveId": "CVE-2024-11595", "state": "PUBLISHED", "dateUpdated": "2024-11-22T15:16:02.829Z", "dateReserved": "2024-11-21T09:30:45.415Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2024-11-21T09:30:54.899Z", "assignerShortName": "GitLab"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "3399947D-D52C-4CB2-8A4E-22CF6D1727AD", "versionEndExcluding": "4.2.9", "versionStartIncluding": "4.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A7A5B30-B5FD-45BE-8AF8-058B13DD1071", "versionEndExcluding": "4.4.2", "versionStartIncluding": "4.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file"}, {"lang": "es", "value": "El bucle infinito del disector FiveCo RAP en Wireshark 4.4.0 a 4.4.1 y 4.2.0 a 4.2.8 permite la denegaci\u00f3n de servicio a trav\u00e9s de la inyecci\u00f3n de paquetes o un archivo de captura manipulado"}], "id": "CVE-2024-11595", "lastModified": "2025-05-07T16:52:44.627", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "cve@gitlab.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-11-21T11:15:32.820", "references": [{"source": "cve@gitlab.com", "tags": ["Issue Tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/20176"}, {"source": "cve@gitlab.com", "tags": ["Vendor Advisory"], "url": "https://www.wireshark.org/security/wnpa-sec-2024-14.html"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "cve@gitlab.com", "type": "Secondary"}]}

{"bugzilla": {"description": "wireshark: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark", "id": "2327764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327764"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-835", "details": ["FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file", "A flaw was found in Wireshark's FiveCo RAP dissector. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an infinite loop and excessive consumption of CPU resources, resulting in a denial of service."], "name": "CVE-2024-11595", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-11-21T09:30:54Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-11595\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-11595\nhttps://gitlab.com/wireshark/wireshark/-/issues/20176\nhttps://www.wireshark.org/security/wnpa-sec-2024-14.html"], "statement": "This vulnerability will cause a crash in Wireshark with no other security impact. For this reason, this flaw has been rated with a moderate severity.\nAdditionally, Wireshark as shipped in Red Hat Enterprise Linux 8 and 9 is not affected by this vulnerability because the FiveCo RAP protocol dissector was added in a newer version of Wireshark.", "threat_severity": "Moderate"}