CVE-2022-4344

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-4344

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4344.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-4344

Downstream

DEBIAN-CVE-2022-4344

DLA-3906-1

OESA-2023-1094

OESA-2023-1115

UBUNTU-CVE-2022-4344

Published

2023-01-12T00:15:08Z

Modified

2025-10-13T12:24:05.986390Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

937e33de60bcfcd6f68e7250e5e6914ae1d1e1e4

Fixed

1c21cf400821d986756d23e04a2bb9cdc095a98f

Type: GIT
Repo: https://gitlab.com/wireshark/wireshark
Events: Introduced

0cbe09cd796b2ea24c6069b76ea16df7f51cf67b

Fixed

415456d133701e83d2f0aac3d90f26879fb3dad1

Affected versions

v4.*

v4.0.0

v4.0.1

v4.0.1rc0

v4.0.2rc0

wireshark-4.*

wireshark-4.0.0

wireshark-4.0.1