CVE-2024-8250

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-8250
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-8250.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-8250
Related
Published
2024-08-29T00:15:09Z
Modified
2024-11-09T12:55:55.834146Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file

References

Affected packages

Debian:11 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.16-0+deb11u1

Affected versions

3.*

3.4.4-1
3.4.6-1~exp1
3.4.7-1~exp1
3.4.7-1
3.4.8-1
3.4.9-1
3.4.10-0+deb11u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.17-0+deb12u1

Affected versions

4.*

4.0.3-1
4.0.5-1~exp1
4.0.6-1~deb12u1
4.0.6-1~exp1
4.0.6-1
4.0.7-1
4.0.8-1
4.0.10-1
4.0.11-1~deb12u1
4.0.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1

Affected versions

4.*

4.0.3-1
4.0.5-1~exp1
4.0.6-1~deb12u1
4.0.6-1~exp1
4.0.6-1
4.0.7-1
4.0.8-1
4.0.10-1
4.0.11-1~deb12u1
4.0.11-1
4.2.0~rc3-1~exp1
4.2.0-1~exp0
4.2.0-1
4.2.2-1
4.2.2-1.1~exp1
4.2.2-1.1
4.2.4-1
4.2.5-1
4.2.5-2
4.2.6-1
4.4.0-0exp1
4.4.0-0exp2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/wireshark/wireshark

Affected ranges

Type
GIT
Repo
https://github.com/wireshark/wireshark
Events

Affected versions

v4.*

v4.0.0
v4.0.1
v4.0.10
v4.0.10rc0
v4.0.11
v4.0.11rc0
v4.0.12
v4.0.12rc0
v4.0.13
v4.0.13rc0
v4.0.14
v4.0.14rc0
v4.0.15
v4.0.15rc0
v4.0.16
v4.0.16rc0
v4.0.17rc0
v4.0.1rc0
v4.0.2
v4.0.2rc0
v4.0.3
v4.0.3rc0
v4.0.4
v4.0.4rc0
v4.0.5
v4.0.5rc0
v4.0.6
v4.0.6rc0
v4.0.7
v4.0.7rc0
v4.0.8
v4.0.8rc0
v4.0.9
v4.0.9rc0

wireshark-4.*

wireshark-4.0.0
wireshark-4.0.1
wireshark-4.0.10
wireshark-4.0.11
wireshark-4.0.12
wireshark-4.0.13
wireshark-4.0.14
wireshark-4.0.15
wireshark-4.0.16
wireshark-4.0.2
wireshark-4.0.3
wireshark-4.0.4
wireshark-4.0.5
wireshark-4.0.6
wireshark-4.0.7
wireshark-4.0.8
wireshark-4.0.9