Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2026-0962

Опубликовано: 14 янв. 2026
Источник: redhat
CVSS3: 5.3
EPSS Низкий

Описание

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

A flaw was found in Wireshark. A remote attacker could entice a user to open a specially crafted packet capture file. This action would trigger a crash in the SOME/IP-SD protocol dissector, leading to a Denial of Service (DoS) for the affected system.

Отчет

This vulnerability is rated Moderate for Red Hat. An out-of-bounds write in the Wireshark SOME/IP-SD protocol dissector can lead to a denial of service. Exploitation requires user interaction, as a victim must open a specially crafted packet trace file or capture malicious network traffic. Impact is limited to systems where Wireshark is installed and actively used to process untrusted network captures.

Меры по смягчению последствий

To mitigate this issue, avoid opening untrusted capture files or analyzing untrusted live network traffic with Wireshark. Users should only process network data from known and trusted sources. If Wireshark is not actively used, consider removing the package to reduce the attack surface.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10wiresharkFix deferred
Red Hat Enterprise Linux 6wiresharkFix deferred
Red Hat Enterprise Linux 7wiresharkFix deferred
Red Hat Enterprise Linux 8wiresharkFix deferred
Red Hat Enterprise Linux 9wiresharkFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=2429764Wireshark: Wireshark: Denial of Service via SOME/IP-SD protocol dissector crash

EPSS

Процентиль: 9%
0.00032
Низкий

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2026-0962

CVSS3: 5.3
ubuntu
3 месяца назад

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

nvd логотип

CVE-2026-0962

CVSS3: 5.3
nvd
3 месяца назад

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

debian логотип

CVE-2026-0962

CVSS3: 5.3
debian
3 месяца назад

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4. ...

github логотип

GHSA-fxww-56j7-2rh4

CVSS3: 5.3
github
3 месяца назад

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service

fstec логотип

BDU:2026-03613

CVSS3: 6.5
fstec
3 месяца назад

Уязвимость анализатора трафика компьютерных сетей Wireshark, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 9%
0.00032
Низкий

5.3 Medium

CVSS3