CVE-2023-0412: 
Wireshark vulnerability analysis and mitigation

The vulnerability CVE-2023-0412 affects the TIPC (Transparent Inter-Process Communication) dissector in Wireshark versions 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10. This security flaw allows denial of service attacks through packet injection or crafted capture file manipulation (Wireshark Advisory, NVD).

The vulnerability is caused by a crash in the TIPC dissector component of Wireshark. The issue manifests as a stack overflow when processing malformed packets, as evidenced by the crash output showing recursive calls in the dissecttipc and dissecttipcintprot_msg functions. The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H (NVD).

When exploited, this vulnerability can cause Wireshark to crash, resulting in a denial of service condition. The attack can be triggered either by injecting malformed packets into a network being monitored or by convincing a user to open a specially crafted capture file (Wireshark Advisory).

The vulnerability has been fixed in Wireshark versions 4.0.3 and 3.6.11. Users are advised to upgrade to these or later versions to mitigate the risk. For Debian 10 (buster) users, the fix is available in version 2.6.20-0+deb10u5 (Debian Advisory, Wireshark Advisory).