CVE-2024-4854 Information

Description

MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4 4.0.0 to 4.0.14 and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file

Reference

https://www.wireshark.org/security/wnpa-sec-2024-07.html https://gitlab.com/wireshark/wireshark/-/issues/19726 https://gitlab.com/wireshark/wireshark/-/merge_requests/15047 https://gitlab.com/wireshark/wireshark/-/merge_requests/15499