CVE-2021-4181
Summary
| CVE | CVE-2021-4181 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-30 22:15:00 UTC |
| Updated | 2023-11-07 03:40:00 UTC |
| Description | Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 34 | All | All | All |
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Application | Oracle | Http Server | 12.2.1.3.0 | All | All | All |
| Application | Oracle | Http Server | 12.2.1.4.0 | All | All | All |
| Application | Oracle | Zfs Storage Appliance Kit | 8.8 | All | All | All |
| Application | Wireshark | Wireshark | All | All | All | All |
| Application | Wireshark | Wireshark | 3.6.0 | All | All | All |
| Application | Wireshark | Wireshark | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] Fedora 34 Update: wireshark-3.6.1-1.fc34 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| Wireshark · wnpa-sec-2021-21 · Sysdig Event dissector crash | MISC | www.wireshark.org | |
| Oracle Critical Patch Update Advisory - April 2022 | MISC | www.oracle.com | |
| [SECURITY] Fedora 34 Update: wireshark-3.6.1-1.fc34 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| dissectors: various fixes to sysdig packet dissector and updated sysdig events (!5429) · Merge requests · Wireshark Foundation / wireshark · GitLab | MISC | gitlab.com | |
| [SECURITY] Fedora 35 Update: wireshark-3.6.1-1.fc35 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] [DLA 2967-1] wireshark security update | MLIST | lists.debian.org | |
| 2021/CVE-2021-4181.json · master · GitLab.org / cves · GitLab | CONFIRM | gitlab.com | |
| Wireshark: Multiple Vulnerabilities (GLSA 202210-04) — Gentoo security | GENTOO | security.gentoo.org | |
| [SECURITY] Fedora 35 Update: wireshark-3.6.1-1.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: Leonardo Grasso, Jason Dellaluce, and Federico Di Pierro
Legacy QID Mappings
- 179167 Debian Security Update for wireshark (DLA 2967-1)
- 181041 Debian Security Update for wireshark (CVE-2021-4181)
- 282259 Fedora Security Update for wireshark (FEDORA-2022-1daf93c51d)
- 282264 Fedora Security Update for wireshark (FEDORA-2022-30411cb3c4)
- 296062 Oracle Solaris 11.4 Support Repository Update (SRU) 43.113.3 Missing (CPUJAN2022)
- 354338 Amazon Linux Security Advisory for wireshark : ALAS2022-2022-079
- 354457 Amazon Linux Security Advisory for wireshark : ALAS2022-2022-226
- 354540 Amazon Linux Security Advisory for wireshark : ALAS-2022-226
- 355161 Amazon Linux Security Advisory for wireshark : ALAS2023-2023-038
- 376217 Wireshark Sysdig Event Dissector Crash Vulnerability (wnpa-sec-2021-21)
- 502201 Alpine Linux Security Update for wireshark
- 502401 Alpine Linux Security Update for wireshark
- 710636 Gentoo Linux Wireshark Multiple Vulnerabilities (GLSA 202210-04)
- 751705 SUSE Enterprise Linux Security Update for wireshark (SUSE-SU-2022:0375-1)
- 751708 OpenSUSE Security Update for wireshark (openSUSE-SU-2022:0375-1)
- 901237 Common Base Linux Mariner (CBL-Mariner) Security Update for wireshark (7417)
- 902241 Common Base Linux Mariner (CBL-Mariner) Security Update for wireshark (7417-1)