{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "34" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "35" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "3.2.0" }, { "fixed": "3.2.18" }, { "introduced": "3.4.0" }, { "fixed": "3.4.10" } ] }, "events": [ { "introduced": "e0ed4cfa3d72110257da54c26ad3a28d282ef454" }, { "fixed": "ddf8072b76718f59b84a968e1cf206212f6e2d01" }, { "introduced": "9733f173ea5e6255e8da208ef183210aa264d948" }, { "fixed": "733b3a137c2ba8c8e517e5fb37bcc3030a43d603" } ], "repo": "https://github.com/wireshark/wireshark", "type": "GIT" } ] } ], "details": "NULL pointer exception in the IEEE 802.11 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file", "id": "CVE-2021-39928", "modified": "2026-03-15T21:49:08.771490804Z", "published": "2021-11-18T19:15:08.467Z", "references": [ { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A6AJFIYIHS3TYDD2EBYBJ5KKE52X34BJ/" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YEWTIRMC2MFQBZ2O5M4CJHJM4JPBHLXH/" }, { "type": "ADVISORY", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00015.html" }, { "type": "ADVISORY", "url": "https://security.gentoo.org/glsa/202210-04" }, { "type": "ADVISORY", "url": "https://www.debian.org/security/2021/dsa-5019" }, { "type": "ADVISORY", "url": "https://www.wireshark.org/security/wnpa-sec-2021-13.html" }, { "type": "ADVISORY", "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39928.json" }, { "type": "REPORT", "url": "https://gitlab.com/wireshark/wireshark/-/issues/17704" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }