—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Denial of Service Vulnerability in Wireshark

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: MEDIUM

Software Affected

Wireshark versions 4.6.0 to 4.6.5 and 4.4.0 to 4.4.15

Overview

A vulnerability has been reported in Wireshark, which could allow an attacker to cause Denial of Service (DoS) condition on the targeted system.

Target Audience:

All end-user organizations and individuals using Wireshark.

Risk Assessment:

High risk of service disruption.

Impact Assessment:

Potential for service unavailability.

Description

Wireshark is a network protocol analyzer used to capture and inspect data packets in real time for troubleshooting, analysis, and security purposes.

A Denial of Service (DoS) vulnerability exists in Wireshark due to NULL Pointer Dereference (NPD).

Successful exploitation of this vulnerability leads to Wireshark dissector crash, resulting in a denial-of-service condition on the targeted system.

Solution

Apply appropriate updates as mentioned by the vendor:

https://www.wireshark.org/security/wnpa-sec-2026-51.html

Vendor Information

Wireshark

https://www.wireshark.org/security/wnpa-sec-2026-51.html

References

Wireshark

https://www.wireshark.org/security/wnpa-sec-2026-51.html

CVE Name

CVE-2026-6526

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmoPIZ4ACgkQ3jCgcSdc

ys/H0g//ZHKtN8MH75XKRF2G1spk2VEO/zeRYYE9BvCRNSNcKNwqnSXIQIR+VVsY

b+G+G6mBhv/YATtukt8Yh5btywtPrzLhvEoPmcEHEvSQQk1aSg1+NMcbOlSOBqK4

ESayvK8YmYs1CnTwUm29Z1ge+iAZEGYSZXKEJ8u8Kiqm8EngP/FInxrCVic+I/Gz

Pf4hIqAiIRZM6WIDTbAUjjn7689ztR9cSAXTx5SsCLxb1DbBb8jJvBvZNPolTwde

i9z2Sw+wbOSbJaIXU8XcXlwWIvN2JYiyVKCcnMfRxMY4Trkmc+Sl1x+lSuxWVle6

GTN8/w1GO+yZSbM4Nd85WvLAUwtO26Wj+8SJgOA8Nd5gufksbDtO5cKOXkzIc0cj

H2SWlVWTRxjKq7AFXvO5vWhBCAILLLF4ucb4/3+hWyq6nKObaJ5HK6REoIHbaFMc

BbNmgYZZ92azhYfv5Z6PGDAtlIKCjRgBLPxF3gUAKyPYatTSI+tIREN6ArJjHeMB

neUEWdIQuxaLhv2WAeN9Dzam0DpssqeH/EeUWVkukBFNkwMuAC9r6h4hQsp9NiBN

w3ahhlFclBsmHDyyCHXNvfQipG7Jxlqby1VkZAEHqv9ULylC3wiLMjk85yTrMNsk

BBMcrOcOlwJklligoyX91jAyZeI6hzv1EZeWsSAEE+g8bUBppX0=

=4LjU

—–END PGP SIGNATURE—–