Denial of Service via Catapult DCT2000 protocol dissector crash
Summary
Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service A flaw was found in Wireshark. A local attacker could exploit a crash in the Catapult DCT2000 protocol dissector. This vulnerability, requiring user interaction, leads to a denial of service, making the system unavailable. This flaw requires local user interaction, as an attacker must provide a specially crafted capture file for a user to open. The impact is limited to the availability of the Wireshark application, making the system unavailable only in the context of network traffic analysis. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-476. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Mitigation checklist
- To reduce the risk, avoid opening untrusted network capture files that may contain malicious Catapult DCT2000 protocol data. Ensure that Wireshark is used only with data from trusted sources to prevent potential application crashes.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.