CVE-2024-0209

IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file

Database specific

{
    "cwe_ids": [
        "CWE-476"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/0xxx/CVE-2024-0209.json",
    "cna_assigner": "GitLab"
}

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type

GIT

Repo

https://github.com/wireshark/wireshark

Events

Introduced

3a34e44d02c9c91f9f851bd6f29ff4505131b127

Last affected

6cee63246b01043d4089ea2aa17b10fb16a6b1ea

Introduced

0cbe09cd796b2ea24c6069b76ea16df7f51cf67b

Last affected

9313445cab119c38487ed8a22fcbfb6af2e6a7e8

Introduced

Last affected

54eedfc63953c8180b5a9c60015917cce7a2548a

Database specific

{
    "cpe": [
        "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:wireshark:wireshark:4.2.0:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "3.6.0"
        },
        {
            "last_affected": "3.6.19"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "last_affected": "4.0.11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.2.0"
        }
    ],
    "source": "CPE_FIELD"
}

Affected versions

Other

backups/ethereal@18706

ethereal-0-3-15

start

ethereal-0.*

ethereal-0.3.15

v1.*

v1.11.0

v1.11.0-rc1

v1.11.1

v1.11.1-rc1

v1.11.2

v1.11.2-rc1

v1.11.3

v1.11.3-rc1

v1.11.4-rc1

v1.99.0

v1.99.0-rc1

v1.99.1

v1.99.10rc0

v1.99.1rc0

v1.99.2

v1.99.2rc0

v1.99.3

v1.99.3rc0

v1.99.4

v1.99.4rc0

v1.99.5

v1.99.5rc0

v1.99.6

v1.99.6rc0

v1.99.7

v1.99.7rc0

v1.99.8

v1.99.8rc0

v1.99.9

v1.99.9rc0

v2.*

v2.1.0

v2.1.0rc0

v2.1.1

v2.1.1rc0

v2.1.2rc0

v2.3.0rc0

v2.5.0

v2.5.0rc0

v2.5.1

v2.5.1rc0

v2.5.2rc0

v2.9.0

v2.9.0rc0

v2.9.1rc0

v3.*

v3.1.0

v3.1.0rc0

v3.1.1

v3.1.1rc0

v3.1.2rc0

v3.3.0

v3.3.0rc0

v3.3.1

v3.3.1rc0

v3.3.2rc0

v3.5.0

v3.5.0rc0

v3.5.1rc0

v3.6.0

v3.6.1

v3.6.10

v3.6.10rc0

v3.6.11

v3.6.11rc0

v3.6.12

v3.6.12rc0

v3.6.13

v3.6.13rc0

v3.6.14

v3.6.14rc0

v3.6.15

v3.6.15rc0

v3.6.16

v3.6.16rc0

v3.6.17

v3.6.17rc0

v3.6.18

v3.6.18rc0

v3.6.19

v3.6.19rc0

v3.6.1rc0

v3.6.2

v3.6.2rc0

v3.6.3

v3.6.3rc0

v3.6.4

v3.6.4rc0

v3.6.5

v3.6.5rc0

v3.6.6

v3.6.6rc0

v3.6.7

v3.6.7rc0

v3.6.8

v3.6.8rc0

v3.6.9

v3.6.9rc0

v3.7.0

v3.7.0rc0

v3.7.1

v3.7.1rc0

v3.7.2

v3.7.2rc0

v3.7.3rc0

v4.*

v4.0.0

v4.0.1

v4.0.10

v4.0.10rc0

v4.0.11

v4.0.11rc0

v4.0.1rc0

v4.0.2

v4.0.2rc0

v4.0.3

v4.0.3rc0

v4.0.4

v4.0.4rc0

v4.0.5

v4.0.5rc0

v4.0.6

v4.0.6rc0

v4.0.7

v4.0.7rc0

v4.0.8

v4.0.8rc0

v4.0.9

v4.0.9rc0

v4.1.0

v4.1.0rc0

v4.1.1rc0

v4.2.0

v4.2.0rc0

v4.2.0rc1

v4.2.0rc2

v4.2.0rc3

wireshark-1.*

wireshark-1.11.3

wireshark-1.99.0

wireshark-1.99.1

wireshark-1.99.2

wireshark-1.99.3

wireshark-1.99.4

wireshark-1.99.5

wireshark-1.99.6

wireshark-1.99.7

wireshark-1.99.8

wireshark-1.99.9

wireshark-2.*

wireshark-2.1.0

wireshark-2.1.1

wireshark-2.5.0

wireshark-3.*

wireshark-3.6.0

wireshark-3.6.1

wireshark-3.6.10

wireshark-3.6.11

wireshark-3.6.12

wireshark-3.6.13

wireshark-3.6.14

wireshark-3.6.15

wireshark-3.6.16

wireshark-3.6.17

wireshark-3.6.18

wireshark-3.6.19

wireshark-3.6.2

wireshark-3.6.3

wireshark-3.6.4

wireshark-3.6.5

wireshark-3.6.6

wireshark-3.6.7

wireshark-3.6.8

wireshark-3.6.9

wireshark-4.*

wireshark-4.0.0

wireshark-4.0.1

wireshark-4.0.10

wireshark-4.0.11

wireshark-4.0.2

wireshark-4.0.3

wireshark-4.0.4

wireshark-4.0.5

wireshark-4.0.6

wireshark-4.0.7

wireshark-4.0.8

wireshark-4.0.9

wireshark-4.2.0

wireshark-4.2.0rc2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-0209.json"

Git / gitlab.com/wireshark/wireshark

Affected ranges

Type

GIT

Repo

https://gitlab.com/wireshark/wireshark

Events

Introduced

54eedfc63953c8180b5a9c60015917cce7a2548a

Fixed

cfe37f471da958cc32ee516ef5a60884d2dca07f

Introduced

0cbe09cd796b2ea24c6069b76ea16df7f51cf67b

Fixed

bf0886019de2cef8cd3e453de9606cbaa4471d3e

Introduced

3a34e44d02c9c91f9f851bd6f29ff4505131b127

Fixed

ff65c7fa1c1e78608c471948736e4eb07c9e6252

Database specific

{
    "extracted_events": [
        {
            "introduced": "4.2.0"
        },
        {
            "fixed": "4.2.1"
        },
        {
            "introduced": "4.0.0"
        },
        {
            "fixed": "4.0.12"
        },
        {
            "introduced": "3.6.0"
        },
        {
            "fixed": "3.6.20"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

v3.*

v3.6.0

v3.6.1

v3.6.10

v3.6.10rc0

v3.6.11

v3.6.11rc0

v3.6.12

v3.6.12rc0

v3.6.13

v3.6.13rc0

v3.6.14

v3.6.14rc0

v3.6.15

v3.6.15rc0

v3.6.16

v3.6.16rc0

v3.6.17

v3.6.17rc0

v3.6.18

v3.6.18rc0

v3.6.19

v3.6.19rc0

v3.6.1rc0

v3.6.2

v3.6.20rc0

v3.6.2rc0

v3.6.3

v3.6.3rc0

v3.6.4

v3.6.4rc0

v3.6.5

v3.6.5rc0

v3.6.6

v3.6.6rc0

v3.6.7

v3.6.7rc0

v3.6.8

v3.6.8rc0

v3.6.9

v3.6.9rc0

v4.*

v4.0.0

v4.0.1

v4.0.10

v4.0.10rc0

v4.0.11

v4.0.11rc0

v4.0.12rc0

v4.0.1rc0

v4.0.2

v4.0.2rc0

v4.0.3

v4.0.3rc0

v4.0.4

v4.0.4rc0

v4.0.5

v4.0.5rc0

v4.0.6

v4.0.6rc0

v4.0.7

v4.0.7rc0

v4.0.8

v4.0.8rc0

v4.0.9

v4.0.9rc0

v4.2.0

v4.2.1rc0

wireshark-3.*

wireshark-3.6.0

wireshark-3.6.1

wireshark-3.6.10

wireshark-3.6.11

wireshark-3.6.12

wireshark-3.6.13

wireshark-3.6.14

wireshark-3.6.15

wireshark-3.6.16

wireshark-3.6.17

wireshark-3.6.18

wireshark-3.6.19

wireshark-3.6.2

wireshark-3.6.3

wireshark-3.6.4

wireshark-3.6.5

wireshark-3.6.6

wireshark-3.6.7

wireshark-3.6.8

wireshark-3.6.9

wireshark-4.*

wireshark-4.0.0

wireshark-4.0.1

wireshark-4.0.10

wireshark-4.0.11

wireshark-4.0.2

wireshark-4.0.3

wireshark-4.0.4

wireshark-4.0.5

wireshark-4.0.6

wireshark-4.0.7

wireshark-4.0.8

wireshark-4.0.9

wireshark-4.2.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-0209.json"