Denial of service via FMP/NOTIFY protocol dissector crash
Summary
FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service A flaw was found in Wireshark. A local user could exploit this vulnerability by processing a specially crafted FMP/NOTIFY protocol packet. This could lead to a denial of service (DoS) due to a crash in the protocol dissector, making the application unavailable. The vulnerability requires user interaction, as an attacker must trick a local user into opening a malicious packet capture file, limiting the attack surface. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-1286. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Mitigation checklist
- To mitigate this issue, users should avoid opening untrusted or suspicious packet capture files with Wireshark. Restricting access to systems running Wireshark and ensuring that only trusted network captures are analyzed can further reduce the risk of exploitation.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.