CNNVD-202512-413 Information
CNNVD ID
CNNVD-202512-413
Related CVE
- CNNVD Published: 2025-12-03
Description (Chinese)
Wireshark(前称Ethereal)是导线鲨鱼(Wireshark)团队的一套网络数据包分析软件。该软件的功能是截取网络数据包,并显示出详细的数据以供分析。 Wireshark 4.6.0版本至4.6.1版本和4.4.0版本至4.4.11版本存在安全漏洞,该漏洞源于MEGACO解析器无限循环,可能导致拒绝服务。
Description (English)
Wireshark (formerly Ethel) is a web-based package analysis software for the Wireshark team. The software is designed to intercept network data packages and to display detailed data for analysis. There is a security gap between Wireshank Versions 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11, which stems from the unlimited cycle of the MEGACO resolver, which may lead to the denial of services.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
导线鲨鱼
Published
2025-12-03
Last Modified
2026-02-24
References
https://gitlab.com/wireshark/wireshark/-/issues/20884 https://www.wireshark.org/security/wnpa-sec-2025-08.html https://vigilance.fr/vulnerability/Wireshark-overload-via-MEGACO-Dissector-48978
Patch
https://www.wireshark.org/download.html
Share on: