{"id":"MGASA-2024-0206","summary":"Updated wireshark packages fix security vulnerabilities","details":"Memory handling issue in editcap could cause denial of service via\ncrafted capture file. (CVE-2024-4853)\nMONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to\n4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via\npacket injection or crafted capture file. (CVE-2024-4854)\nUse after free issue in editcap could cause denial of service via\ncrafted capture file. (CVE-2024-4855)\n","modified":"2026-02-01T08:24:14.167156Z","published":"2024-06-03T18:30:48Z","related":["CVE-2024-4853","CVE-2024-4854","CVE-2024-4855"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0206.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33258"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66H2BSENPSIALF2WIZF7M3QBVWYBMFGW/"}],"affected":[{"package":{"name":"wireshark","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/wireshark?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.0.15-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0206.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}