
exploitDog


CVE-2026-3203

Published: 25 Feb 2026
Source: redhat
CVSS3: 5.5
EPSS: Low

Description

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

A flaw was found in the RF4CE Profile dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a buffer over-read, resulting in a denial of service.

Statement

This issue will cause a crash in Wireshark with no other security impact. Also, this flaw can only be exploited when a malformed pcap file is processed. Due to these reasons, this vulnerability has been rated with a moderate severity.

Mitigation

If the RF4CE Profile protocol dissector is not being used, it can be disabled via the "Enabled Protocols" dialog box in the Wireshark GUI application. This will also disable the protocol dissector when using "tshark", the command line tool. See the links below for instructions to disable a protocol in Wireshark, specifically the "Control Protocol Dissection" section and the "disabled_protos" configuration file option.

https://www.wireshark.org/docs/wsug_html_chunked/ChCustProtocolDissectionSection.html
https://www.wireshark.org/docs/wsug_html_chunked/ChAppFilesConfigurationSection.html

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | wireshark | Affected | | |
| Red Hat Enterprise Linux 6 | wireshark | Not affected | | |
| Red Hat Enterprise Linux 7 | wireshark | Not affected | | |
| Red Hat Enterprise Linux 8 | wireshark | Not affected | | |
| Red Hat Enterprise Linux 9 | wireshark | Not affected | | |


Additional information

Status: Moderate
Defect: CWE-126
https://bugzilla.redhat.com/show_bug.cgi?id=2442639 (wireshark: Buffer Over-read in Wireshark)

EPSS: 0.00034 (Low), percentile: 10%

CVSS3: 5.5 Medium

Related vulnerabilities

CVSS3: 5.5
ubuntu
30 days ago

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

CVSS3: 5.5
nvd
30 days ago

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

CVSS3: 5.5
debian
30 days ago

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and ...

CVSS3: 5.5
github
30 days ago

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service
