CVE-2024-8645

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-8645

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-8645.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-8645

Downstream

DEBIAN-CVE-2024-8645

DLA-3906-1

OESA-2024-2242

SUSE-SU-2024:3250-1

UBUNTU-CVE-2024-8645

openSUSE-SU-2024:14341-1

Related

Published

2024-09-10T10:15:14Z

Modified

2025-09-19T15:13:58.278380Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file

References

Affected packages

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

0cbe09cd796b2ea24c6069b76ea16df7f51cf67b

Fixed

dcf5148eb98893796dc7732c9a48b70c7c7e4849

Type: GIT
Repo: https://gitlab.com/wireshark/wireshark
Events: Introduced

54eedfc63953c8180b5a9c60015917cce7a2548a

Fixed

2acd1a854babc4caae980ef9ed79ad36b6bc0362

Affected versions

v4.*

v4.0.0

v4.0.1

v4.0.10

v4.0.10rc0

v4.0.11

v4.0.11rc0

v4.0.12

v4.0.12rc0

v4.0.13

v4.0.13rc0

v4.0.14

v4.0.14rc0

v4.0.15

v4.0.15rc0

v4.0.16rc0

v4.0.1rc0

v4.0.2

v4.0.2rc0

v4.0.3

v4.0.3rc0

v4.0.4

v4.0.4rc0

v4.0.5

v4.0.5rc0

v4.0.6

v4.0.6rc0

v4.0.7

v4.0.7rc0

v4.0.8

v4.0.8rc0

v4.0.9

v4.0.9rc0

v4.2.0

v4.2.1

v4.2.1rc0

v4.2.2

v4.2.2rc0

v4.2.3

v4.2.3rc0

v4.2.4

v4.2.4rc0

v4.2.5

v4.2.5rc0

v4.2.6rc0

wireshark-4.*

wireshark-4.0.0

wireshark-4.0.1

wireshark-4.0.10

wireshark-4.0.11

wireshark-4.0.12

wireshark-4.0.13

wireshark-4.0.14

wireshark-4.0.15

wireshark-4.0.2

wireshark-4.0.3

wireshark-4.0.4

wireshark-4.0.5

wireshark-4.0.6

wireshark-4.0.7

wireshark-4.0.8

wireshark-4.0.9

wireshark-4.2.0

wireshark-4.2.1

wireshark-4.2.2

wireshark-4.2.3

wireshark-4.2.4

wireshark-4.2.5