CVE-2023-0668 Information

Description

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet Wireshark version 4.0.5 and prior by default is susceptible to a heap-based buffer overflow and possibly code execution in the context of the process running Wireshark.

Reference

https://takeonme.org/cves/CVE-2023-0668.html https://gitlab.com/wireshark/wireshark/-/issues/19087 https://www.wireshark.org/security/wnpa-sec-2023-19.html https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html