Volerion logoVolerion
Volerion logoVolerion

Wireshark MySQL Protocol Dissector Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. The issue arises in the MySQL protocol dissector, where a commented-out initialization leads to a pointer dereference. This flaw can be exploited by injecting a malformed MySQL packet or by opening a packet capture file that contains such a packet, causing Wireshark to crash.

Impact

Exploitation of this vulnerability leads to a crash of the Wireshark application, causing a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by using TShark, the command-line version of Wireshark, with the 'WIRESHARK_DEBUG_WMEM_OVERRIDE=simple' environment variable set. This command will read a packet capture file that contains a malformed MySQL packet, which triggers the crash by causing a segmentation fault due to an invalid memory access.

Remediation

Users can upgrade to Wireshark versions 4.6.5, 4.4.15 or later to address this vulnerability.

Added: Apr 30, 2026, 7:47 AM
Updated: Apr 30, 2026, 7:47 AM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
2.5
exploitability
5.8
remediation
7.7
relevance
7.1
threat
6.4
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.