Denial of Service via IEEE 802.11 protocol dissector crash
Summary
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service A flaw was found in Wireshark, a network protocol analyzer. An attacker could exploit this vulnerability by sending a specially crafted network packet, which would cause the IEEE 802.11 protocol dissector to crash. This issue results in a denial of service, making the Wireshark application unresponsive and unavailable to users. This Moderate impact flaw in Wireshark allows a denial of service when processing specially crafted IEEE 802.11 network packets. The vulnerability affects the availability of the Wireshark application, potentially disrupting network analysis operations, and requires an attacker to inject or present malicious 802.11 traffic to the system. Red Hat severity: Moderate — CVSS 5.7 (CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-476. Affected Red Hat products: Red Hat Enterprise Linux 10. Red Hat does not currently list a fixing RHSA for this CVE.
Mitigation checklist
- To mitigate this issue, avoid analyzing untrusted network traffic with Wireshark. Restrict the use of Wireshark to trusted environments where the source of network packets can be verified.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.