CNNVD-202511-2895 Information
CNNVD ID
CNNVD-202511-2895
Related CVE
- CNNVD Published: 2025-11-26
Description (Chinese)
Wireshark(前称Ethereal)是导线鲨鱼(Wireshark)团队的一套网络数据包分析软件。该软件的功能是截取网络数据包,并显示出详细的数据以供分析。 Wireshark 4.6.0版本存在缓冲区错误漏洞,该漏洞源于BPv7解析器崩溃,可能导致拒绝服务。
Description (English)
Wireshark (formerly Ethel) is a web-based package analysis software for the Wireshark team. The software is designed to intercept network data packages and to display detailed data for analysis. Version 4.6.0 of Wireshark has an error loophole in the buffer zone, which stems from the collapse of the BPv7 decipher, which could lead to the denial of services.
Hazard Level
High
Vulnerability Type
缓冲区错误
Affected Vendor
导线鲨鱼
Published
2025-11-26
Last Modified
2026-02-24
References
https://www.wireshark.org/security/wnpa-sec-2025-05.html https://gitlab.com/wireshark/wireshark/-/issues/20770 https://vigilance.fr/vulnerability/Wireshark-denial-of-service-via-BPv7-48817
Patch
https://www.wireshark.org/download.html
Share on: