CVE-2024-4854

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:*:-:*:*:*:*:*:*

History

18 Apr 2025, 16:34

Type Values Removed Values Added
First Time Fedoraproject
Fedoraproject fedora
Wireshark wireshark
Wireshark
CPE cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:*:-:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
References () https://gitlab.com/wireshark/wireshark/-/issues/19726 - () https://gitlab.com/wireshark/wireshark/-/issues/19726 - Issue Tracking
References () https://gitlab.com/wireshark/wireshark/-/merge_requests/15047 - () https://gitlab.com/wireshark/wireshark/-/merge_requests/15047 - Product
References () https://gitlab.com/wireshark/wireshark/-/merge_requests/15499 - () https://gitlab.com/wireshark/wireshark/-/merge_requests/15499 - Product
References () https://www.wireshark.org/security/wnpa-sec-2024-07.html - () https://www.wireshark.org/security/wnpa-sec-2024-07.html - Vendor Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/ - Mailing List
References () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ/ - Mailing List

21 Nov 2024, 09:43

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ/ -
References () https://gitlab.com/wireshark/wireshark/-/issues/19726 - () https://gitlab.com/wireshark/wireshark/-/issues/19726 -
References () https://gitlab.com/wireshark/wireshark/-/merge_requests/15047 - () https://gitlab.com/wireshark/wireshark/-/merge_requests/15047 -
References () https://gitlab.com/wireshark/wireshark/-/merge_requests/15499 - () https://gitlab.com/wireshark/wireshark/-/merge_requests/15499 -
References () https://www.wireshark.org/security/wnpa-sec-2024-07.html - () https://www.wireshark.org/security/wnpa-sec-2024-07.html -

29 Aug 2024, 15:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/', 'source': 'cve@gitlab.com'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ/', 'source': 'cve@gitlab.com'}

10 Jun 2024, 18:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKFJAZDKXGFFQPRDYLX2AANRNMYZZEZ/ -

14 May 2024, 16:11

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-14 15:45

Updated : 2025-04-18 16:34


NVD link : CVE-2024-4854

Mitre link : CVE-2024-4854

CVE.ORG link : CVE-2024-4854


JSON object : View

Products Affected

wireshark

  • wireshark

fedoraproject

  • fedora
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')