All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Wireshark 4.6.7 patches twelve security vulnerabilities in protocol dissectors

Wireshark 4.6.7 is a maintenance release that patches twelve security vulnerabilities, primarily crash-inducing flaws in protocol dissectors. The bugs range from cellular signaling parsers to capture file reading code, with most involving out-of-bounds reads or bad memory access triggered by crafted packets or capture files. The release also fixes a use-after-free vulnerability and adds a Visual Studio 2026 Windows build.

Anamarija Pogorelec2h ago3 min readenNews
Read on helpnetsecurity.com

Key quotes

Network analysts who open packet captures in Wireshark push untrusted data through a large set of protocol dissectors, and each parser is a spot where a malformed frame can trip up the software.
The 4.6.7 maintenance release closes twelve of those weak points.
A crafted packet or capture file could push a dissector into reading past its buffer or touching bad memory, ending the session.

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.