Wireshark IEEE 802.11 Protocol Dissector Crash Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Wireshark versions 4.6.0 through 4.6.4. The issue arises in the IEEE 802.11 protocol dissector, where selecting certain packets can cause the application to crash. This crash appears to be related to multi-link information in the packets and can be triggered by reading a malformed packet trace file or by injecting a malformed packet onto the network.

Impact

Exploitation of this vulnerability leads to a crash of the Wireshark application, causing a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by loading a packet capture file that includes IEEE 802.11 Authentication packets with multi-link information. Selecting these packets in Wireshark versions 4.6.0 to 4.6.4 will cause the application to crash. This issue has been observed on macOS with Wireshark 4.6.3.

Remediation

Users are advised to upgrade to Wireshark version 4.6.5 or later.
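
To find hosts that still need the upgrade, the version range above can be checked against an inventory of version banners. The following is an added example, not code from the Wireshark project or from this advisory; it assumes the banner is the first line printed by `wireshark --version` or `tshark --version`, and the hostnames and build suffixes in the sample are constructed. It classifies version numbers only and does not test whether a given binary actually crashes.

```python
import re

# Range stated in the advisory: 4.6.0 through 4.6.4 affected, 4.6.5 fixed.
AFFECTED_FIRST = (4, 6, 0)
AFFECTED_LAST = (4, 6, 4)
FIXED = (4, 6, 5)

# Assumed banner shape, e.g. "Wireshark 4.6.3 (v4.6.3-0-g...)." or
# "TShark (Wireshark) 4.6.3 (...)."; release candidates carry an "rcN" suffix.
_BANNER = re.compile(r"Wireshark\)?\s+(\d+)\.(\d+)\.(\d+)(rc\d+)?")


def parse_banner(line):
    """Return ((major, minor, patch), is_prerelease), or None if unparseable."""
    m = _BANNER.search(line)
    if not m:
        return None
    return tuple(int(x) for x in m.group(1, 2, 3)), m.group(4) is not None


def classify(line):
    """Classify one banner line against the advisory's version range."""
    parsed = parse_banner(line)
    if parsed is None:
        return "unknown"      # no version found: needs a manual look
    version, prerelease = parsed
    if prerelease:
        return "unknown"      # advisory gives no status for release candidates
    if AFFECTED_FIRST <= version <= AFFECTED_LAST:
        return "affected"
    if version >= FIXED:
        return "fixed"
    return "not-listed"       # older than 4.6.0: advisory states no status


def triage(inventory):
    """Map host -> status for a {host: banner_line} inventory."""
    return {host: classify(banner) for host, banner in inventory.items()}


# Constructed sample inventory (hostnames and build suffixes are made up).
SAMPLE = {
    "analyst-mac-01": "Wireshark 4.6.3 (v4.6.3-0-g0123456789ab).",
    "sensor-02": "TShark (Wireshark) 4.6.5 (v4.6.5-0-gabcdef012345).",
    "lab-03": "Wireshark 4.4.9 (v4.4.9-0-g0fedcba98765).",
    "jump-04": "command not found",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" or "not-listed" are outside what the advisory states and should be checked by hand rather than assumed safe.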

Added: May 2, 2026, 12:18 PM
Updated: May 2, 2026, 12:18 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 6.0
remediation: 7.7
relevance: 7.2
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.