CNNVD-202601-2366 Information

CNNVD ID

CNNVD-202601-2366

Related CVE

CVE-2026-0961

• CNNVD Published: 2026-01-14

Description (Chinese)

Wireshark（前称Ethereal）是导线鲨鱼（Wireshark）团队的一套网络数据包分析软件。该软件的功能是截取网络数据包，并显示出详细的数据以供分析。 Wireshark 4.6.0版本至4.6.2版本和4.4.0版本至4.4.12版本存在缓冲区错误漏洞，该漏洞源于BLF文件解析器崩溃，可能导致拒绝服务。

Description (English)

Wireshark (formerly Ethel) is a web-based package analysis software for the Wireshark team. The software is designed to intercept network data packages and to display detailed data for analysis. Wireshank versions 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 contain a buffer zone error loophole, which stems from the collapse of the BLF file resolver and may lead to the denial of services.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

导线鲨鱼

Published

2026-01-14

Last Modified

2026-02-24

References

https://gitlab.com/wireshark/wireshark/-/issues/20880 https://www.wireshark.org/security/wnpa-sec-2026-01.html

Patch

https://www.wireshark.org/download.html