Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-4183
CVE-2021-4183:
Wireshark vulnerability analysis and mitigation
Overview
CVE-2021-4183 is a vulnerability discovered in Wireshark 3.6.0's pcapng file parser that was disclosed on December 29, 2021. The vulnerability affects the pcapng file parser component and allows denial of service via a crafted capture file (Wireshark Advisory).
Technical details
The vulnerability manifests as a heap-buffer-overflow in the pcapng_process_options function when processing pcapng files. When analyzing the crash with AddressSanitizer, it was found that the issue occurs during a READ operation of size 2 at a memory location that is 32 bytes beyond an allocated 128-byte region (Wireshark Issue).
Impact
The vulnerability allows attackers to cause a denial of service condition by convincing a user to open a specially crafted packet capture file. This can result in Wireshark crashing during file analysis (Wireshark Advisory).
Mitigation and workarounds
The vulnerability was fixed in Wireshark version 3.6.1. Users are advised to upgrade to this version or later to mitigate the issue. No workarounds were provided for earlier versions (Wireshark Advisory, Fedora Update).
Additional resources
Source: This report was generated using AI
Related Wireshark vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management