Wireshark
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*
- 4.6.0
- 4.4.0
- 4.4.1
- 4.4.2
- 4.4.3
- 4.4.4
- 4.4.5
- 4.4.6
- 4.4.7
- 4.4.8
- 4.4.9
- 4.4.10
A denial-of-service vulnerability has been identified in the Wireshark Kafka dissector, affecting versions 4.6.0 and 4.4.0 through 4.4.10. The crash occurs while the Kafka dissector processes a malformed packet, whether that packet is injected onto the wire or read from a packet trace file.
Triggering the vulnerability crashes Wireshark, disrupting the user's ability to analyze network traffic.
The vulnerability can be reproduced with Wireshark's command-line tool, TShark, by processing a capture file that contains malformed Kafka packets. The fuzzed capture file 'fuzz-2025-10-24-11832086494.pcap' from the Wireshark fuzzing campaign is available on the Wireshark website. Running TShark on that file with the '-2' option applies the Kafka dissector, which then crashes on the unhandled malformed packet.
Users can upgrade to Wireshark versions 4.6.1 or 4.4.11 to address this vulnerability.
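A defender will typically want to know whether the TShark/Wireshark build on a host falls in the affected ranges above. The following Python script is an added example, not code from the advisory or from the Wireshark project: it parses the version string printed by `tshark --version` and classifies it as affected, fixed, or not listed by this advisory. The sample version banner is constructed for illustration; the `tshark` binary name and the `--version` flag are the real CLI's, but the output format assumed here is only that a `major.minor.patch` triple appears somewhere in it.

```python
import re
import subprocess

# Version ranges listed as affected in the advisory (inclusive bounds).
AFFECTED_RANGES = [
    ((4, 6, 0), (4, 6, 0)),    # 4.6.0 only
    ((4, 4, 0), (4, 4, 10)),   # 4.4.0 through 4.4.10
]

# First fixed release on each affected branch, per the advisory.
FIXED_BY_BRANCH = {
    (4, 6): (4, 6, 1),
    (4, 4): (4, 4, 11),
}

_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\b")


def parse_version(banner):
    """Extract the first major.minor.patch triple from a version banner."""
    match = _VERSION_RE.search(banner)
    if not match:
        raise ValueError("no major.minor.patch version found in banner")
    return tuple(int(part) for part in match.groups())


def classify(version):
    """Classify a (major, minor, patch) tuple against the advisory.

    Returns a (status, first_fixed) pair where status is one of
    "affected", "fixed" or "not listed", and first_fixed is the
    minimum fixed release on the same branch (only for "affected").
    """
    for low, high in AFFECTED_RANGES:
        if low <= version <= high:
            return "affected", FIXED_BY_BRANCH[version[:2]]
    branch = version[:2]
    if branch in FIXED_BY_BRANCH and version >= FIXED_BY_BRANCH[branch]:
        return "fixed", None
    # Branches the advisory does not mention (e.g. 4.2.x) are reported
    # as such rather than guessed at.
    return "not listed", None


def installed_tshark_version(binary="tshark"):
    """Run `tshark --version` and parse the installed version.

    Raises FileNotFoundError if tshark is not on PATH.
    """
    result = subprocess.run(
        [binary, "--version"], capture_output=True, text=True, check=True
    )
    return parse_version(result.stdout)


if __name__ == "__main__":
    # Constructed sample banner, shaped like a typical tshark --version header.
    sample_banner = "TShark (Wireshark) 4.4.9 (v4.4.9-0-gconstructed)"
    version = parse_version(sample_banner)
    status, first_fixed = classify(version)
    print(f"sample {version}: {status}", f"upgrade to {first_fixed}" if first_fixed else "")

    try:
        local = installed_tshark_version()
        status, first_fixed = classify(local)
        print(f"installed {local}: {status}", f"upgrade to {first_fixed}" if first_fixed else "")
    except FileNotFoundError:
        print("tshark not found on PATH; skipping local check")
```

Because the check compares integer tuples rather than strings, 4.4.10 sorts correctly after 4.4.9, which a naive lexical comparison would get wrong.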