CVE-2023-2906

Published: Aug 25, 2023

Modified: Nov 3, 2025

PUBLISHED

Description

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.

Vendor	Product	Versions
Wireshark Foundation	Wireshark	affected `2.0.0 - <= 4.0.7`

Weaknesses (CWE)

CWE-369

References

https://takeonme.org/cves/CVE-2023-2906.html

exploit

third-party-advisory

technical-description

https://gitlab.com/wireshark/wireshark/-/issues/19229

patch

https://lists.fedoraproject.org/archives/list/[email protected]/message/L4AVRUYSHDNEAJILVSGY5W6MPOMG2YRF/

https://lists.fedoraproject.org/archives/list/[email protected]/message/6HCUPLDY7HLPO46PHMGIJSUBJFTT237C/

https://lists.fedoraproject.org/archives/list/[email protected]/message/TRKHFQPWFU7F3OXTL6IEIQSJG6FVXZTZ/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-2906

Description

Affected Products

Weaknesses (CWE)

References