Skip to main content

Improper Resource Shutdown or Release

CVE-2023-0414

Severity Medium
Score 6.5/10

Summary

Crash in the "EAP" dissector in Wireshark 4.0.0 through 4.0.2 allows denial of service via packet injection or crafted capture file.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • REQUIRED
  • NONE
  • NONE
  • HIGH

CWE-404 - Improper Resource Shutdown or Release

The program does not release or incorrectly releases a resource before it is made available for re-use.

Advisory Timeline

  • Published