CVE-2023-2855: 
Wireshark vulnerability analysis and mitigation

CVE-2023-2855 affects Wireshark versions 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13, where a vulnerability in the Candump log parser allows denial of service via a crafted capture file (Wireshark Advisory, NVD). The vulnerability was discovered by Huascar Tejeda and was disclosed on May 24, 2023.

The vulnerability is caused by a stack-buffer-overflow in the candumpwritepacket function within wiretap/candump.c. The issue occurs when memcpy is called with a length value larger than the destination buffer CANMAXDLEN (8 bytes), allowing a buffer overflow when processing specially crafted payloads (Wireshark Issue). The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H (NVD).

The vulnerability can cause Wireshark to crash when processing malformed packet trace files, resulting in a denial of service condition. The impact occurs when a user is convinced to read a maliciously crafted capture file (Wireshark Advisory).

The vulnerability has been fixed in Wireshark versions 4.0.6 and 3.6.14. Users are advised to upgrade to these or later versions to address the security issue (Wireshark Advisory). Various Linux distributions have also released security updates to address this vulnerability (Debian Advisory, Gentoo Advisory).