Denial of Service via pcapng file parser crash
Summary
pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the pcapng file parser, leading to a crash of the application. This denial of service (DoS) could prevent legitimate users from accessing the service, impacting its availability. Exploitation requires user interaction, as the user must open the malicious file. Red Hat severity: Moderate. Weakness: CWE-825. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Mitigation checklist
- To mitigate this issue, users should avoid opening pcapng files from untrusted or unknown sources. Exercise caution when handling network capture files, especially those received unexpectedly or from external origins.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.