Denial of service via SSH protocol dissector crash
Summary
SSH protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service A flaw was found in Wireshark's SSH (Secure Shell) protocol dissector. A remote attacker could craft a malicious network capture file that, when opened by a user, would cause the Wireshark application to crash. This vulnerability leads to a denial of service, preventing the user from analyzing network traffic. This issue requires user interaction to open a malicious file, limiting its impact to the availability of the Wireshark application for network traffic analysis. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-1286. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Mitigation checklist
- Users should avoid opening untrusted or suspicious network capture files with Wireshark. Running Wireshark in a sandboxed environment can further limit the impact of potential crashes. No direct configuration options are available to prevent this flaw without affecting Wireshark's core functionality.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.