CNNVD-202601-2363 Information
CNNVD ID
CNNVD-202601-2363
Related CVE
- CNNVD Published: 2026-01-14
Description (Chinese)
Wireshark(前称Ethereal)是导线鲨鱼(Wireshark)团队的一套网络数据包分析软件。该软件的功能是截取网络数据包,并显示出详细的数据以供分析。 Wireshark 4.6.0版本至4.6.2版本和4.4.0版本至4.4.12版本存在缓冲区错误漏洞,该漏洞源于SOME/IP-SD协议解析器崩溃,可能导致拒绝服务。
Description (English)
Wireshark (formerly Ethel) is a web-based package analysis software for the Wireshark team. The software is designed to intercept network data packages and to display detailed data for analysis. Wireshank Versions 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 have an error loophole in the buffer zone, which stems from the breakdown of the SOME/IP-SD protocol resolver, which could lead to the denial of services.
Hazard Level
High
Vulnerability Type
缓冲区错误
Affected Vendor
导线鲨鱼
Published
2026-01-14
Last Modified
2026-02-24
References
https://gitlab.com/wireshark/wireshark/-/issues/20945 https://www.wireshark.org/security/wnpa-sec-2026-03.html
Patch
https://www.wireshark.org/download.html
Share on: