CVE-2023-1992: 
Wireshark vulnerability analysis and mitigation

CVE-2023-1992 is a vulnerability in Wireshark's RPCoRDMA dissector that affects versions 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12. The vulnerability was disclosed on April 12, 2023, and allows denial of service attacks through packet injection or crafted capture files (Wireshark Advisory, NVD).

The vulnerability exists in the RPC over RDMA (RPCoRDMA) dissector component of Wireshark. The issue manifests as a heap-buffer-overflow in the wmemarrayget_count function, which can be triggered when processing malformed packets. The vulnerability has a CVSS v3.1 base score of 7.5 (High), with attack vector being Network, attack complexity Low, and requiring no privileges or user interaction (Ubuntu).

When exploited, this vulnerability can cause Wireshark to crash, resulting in a denial of service condition. This can occur either through injection of malformed packets into the network or by convincing a user to open a specially crafted packet capture file (Wireshark Advisory).

The vulnerability has been fixed in Wireshark versions 4.0.5 and 3.6.13. Users are advised to upgrade to these or later versions to mitigate the risk. Various Linux distributions have also released security updates, including Debian (version 4.0.6-1~deb12u1), Fedora (version 4.0.5-1), and Gentoo (version 4.0.6) (Debian, Fedora, Gentoo).