CVE-2024-0209

Name:         CVE-2024-0209
Description:  IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
Source:       CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References:   DLA-3906-1
Debian Bugs:  1059925

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package    Release               Version             Status
wireshark (PTS)   bullseye              3.4.10-0+deb11u1    vulnerable
                  bullseye (security)   3.4.16-0+deb11u1    fixed
                  bookworm              4.0.17-0+deb12u1    fixed
                  bookworm (security)   4.0.11-1~deb12u1    vulnerable
                  trixie                4.4.0-1             fixed
                  sid                   4.4.1-1             fixed

The information below is based on the following data on fixed versions.

Package     Type     Release      Fixed Version       Urgency   Origin       Debian Bugs
wireshark   source   bullseye     3.4.16-0+deb11u1              DLA-3906-1
wireshark   source   bookworm     4.0.17-0+deb12u1
wireshark   source   (unstable)   4.2.2-1                                    1059925

Notes

[buster] - wireshark <no-dsa> (Minor issue)
https://www.wireshark.org/security/wnpa-sec-2024-02.html
https://gitlab.com/wireshark/wireshark/-/issues/19501
The upstream bug references two crashes; this CVE is for the one labelled "BUG log 2".
The more severe "Bug log 1" only affected unreleased versions.
