{"id":"AZL-44853","summary":"CVE-2024-24478 affecting package wireshark for versions less than 4.4.7-1","details":"An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.","modified":"2026-04-21T04:31:31.293312Z","published":"2024-02-21T17:15:09Z","upstream":["CVE-2024-24478"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24478"}],"affected":[{"package":{"name":"wireshark","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/wireshark"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.7-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-44853.json"}}],"schema_version":"1.7.5"}