Wireshark
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*
- >= 4.6.0, <= 4.6.4
A null pointer dereference vulnerability has been identified in the RTSP protocol dissector of Wireshark. This issue is present in Wireshark versions 4.6.0 through 4.6.4. The vulnerability arises when the dissector processes a malformed RTSP DESCRIBE request containing a specific URI format, leading to a crash. The issue can be triggered by injecting a malformed packet onto a network segment that Wireshark is capturing, or by opening a packet trace file that contains the malformed data.
Exploitation of this vulnerability causes Wireshark (or TShark) to crash, terminating the application unexpectedly. The impact is denial of service against the analysis tool; nothing on this page indicates anything beyond a crash.
The vulnerability can be reproduced by using TShark, Wireshark's command-line counterpart, with a capture file that contains the malformed RTSP DESCRIBE request. The file is passed on the command line (tshark -r <file>), with the 'WIRESHARK_DEBUG_WMEM_OVERRIDE' environment variable set to 'simple'. That variable does not enable AddressSanitizer itself: it forces Wireshark's wmem memory manager to use its simple allocator, which hands every allocation to the system allocator individually, so that a Wireshark build compiled with AddressSanitizer can report the fault precisely instead of having it masked by wmem's block allocator. A build without AddressSanitizer will still terminate, but only with a plain segmentation fault.
Users are advised to upgrade to Wireshark version 4.6.5 or later.
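The reproduction procedure and the version check above, as an added shell harness that is not part of the advisory or the Wireshark project. It assumes tshark is on PATH, that a capture already containing the malformed DESCRIBE request exists at the path given as the first argument (the advisory does not publish the URI format, so this script constructs nothing), and that the ASan build option is CMake's ENABLE_ASAN; the version-string parsing follows the first line printed by `tshark --version`.

```shell
#!/bin/sh
# Added reproduction harness for the Wireshark RTSP dissector null-dereference
# crash (not from the advisory or the Wireshark project). Assumes: tshark on
# PATH, and a capture with the malformed DESCRIBE request supplied as $1.

# Return 0 if a Wireshark/TShark version string lies in the affected range
# 4.6.0 through 4.6.4 inclusive. Accepts a bare "4.6.2" or the longer form
# printed by tshark, e.g. "4.6.2 (Git v4.6.2 packaged as 4.6.2-1)".
wireshark_version_affected() {
    ver=${1%% *}                 # keep only the leading x.y.z token
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    case "$ver" in
        *.*.*) patch=${ver#*.*.}; patch=${patch%%[!0-9]*} ;;
        *)     patch=0 ;;
    esac
    [ "$major.$minor" = "4.6" ] || return 1
    if [ "${patch:-0}" -le 4 ]; then
        return 0
    fi
    return 1
}

# Print the installed TShark version, taken from the first line of
# `tshark --version` ("TShark (Wireshark) X.Y.Z ..."); print nothing if
# tshark is not installed.
installed_tshark_version() {
    tshark --version 2>/dev/null |
        sed -n '1s/^TShark (Wireshark) \([0-9][0-9.]*\).*/\1/p'
}

# Run the capture through TShark with wmem forced to its simple allocator so
# an AddressSanitizer-instrumented build (assumed: cmake -DENABLE_ASAN=ON)
# reports the fault. The variable only swaps the allocator; it does not turn
# ASan on. Returns 0 if an ASan report appeared on stderr or tshark died from
# a signal (exit status >= 128; 139 is SIGSEGV on a build without ASan).
rtsp_crash_reproduces() {
    capture=$1
    log=$(mktemp)
    WIRESHARK_DEBUG_WMEM_OVERRIDE=simple tshark -r "$capture" -V \
        >/dev/null 2>"$log"
    status=$?
    if grep -q 'AddressSanitizer' "$log" || [ "$status" -ge 128 ]; then
        echo "crash reproduced (tshark exit status $status)" >&2
        sed -n '/AddressSanitizer/p' "$log" | head -n 3 >&2
        rm -f "$log"
        return 0
    fi
    echo "no crash observed (tshark exit status $status)" >&2
    rm -f "$log"
    return 1
}

# Usage: ./rtsp_repro.sh malformed_describe.pcapng
if [ "$#" -gt 0 ]; then
    v=$(installed_tshark_version)
    if [ -n "$v" ] && wireshark_version_affected "$v"; then
        echo "tshark $v is in the affected range 4.6.0-4.6.4; running $1" >&2
        rtsp_crash_reproduces "$1"
    else
        echo "tshark ${v:-not found} is outside the affected range 4.6.0-4.6.4" >&2
    fi
fi
```

The version check deliberately treats only the 4.6.x series as affected, matching the range the advisory states; a fixed 4.6.5 install and older 4.4.x or 3.x installs both report as outside the range, so the script refuses to feed the capture to a build that is not expected to crash.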