Wireshark
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*
- >= 4.6.0, <= 4.6.4
- >= 4.4.0, <= 4.4.14
A denial-of-service vulnerability has been identified in Wireshark versions 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14. The issue arises in the DCP-ETSI protocol dissector, where improper handling of packet fragments can lead to a heap buffer overflow. This flaw allows for a crash of the Wireshark application when a malformed packet is processed.
Exploitation of this vulnerability causes Wireshark to crash, disrupting the user's ability to analyze network traffic.
The vulnerability can be reproduced by opening a packet capture file containing malformed DCP-ETSI packets with an affected version of Wireshark or TShark. Such packets can reach the dissector either because they were injected into the network or because a user was convinced to open a file that contains them. Wireshark or TShark should be compiled with AddressSanitizer enabled to observe the heap buffer overflow error, which confirms that the overflow was triggered.
Users are advised to upgrade to Wireshark versions 4.6.5, 4.4.15 or later.
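A version triage check for the ranges stated above, as an added example that is not part of the original advisory. It classifies version strings such as the first line of `tshark --version` output; the inventory, host names and function names are constructed for illustration, and releases outside the stated ranges are reported as `not_listed` because the advisory makes no statement about them.

```python
import re

# Affected ranges and fixed releases exactly as stated in the advisory.
# branch (major, minor): (first affected patch, last affected patch, fixed patch)
AFFECTED = {
    (4, 6): (0, 4, 5),
    (4, 4): (0, 14, 15),
}
NEWEST_FIX = (4, 6, 5)
VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)")

# Constructed inventory: host name -> version string collected from the host.
INVENTORY = {
    "analyst-01": "TShark (Wireshark) 4.6.3",
    "analyst-02": "Wireshark 4.4.15-1ubuntu1",
    "sensor-07": "TShark (Wireshark) 4.4.14",
    "lab-vm": "4.2.9",
    "jump-host": "wireshark (version unknown)",
}

def parse_version(text):
    """Return the first x.y.z triple in text as a tuple of ints, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def classify(text):
    """Map a version string to 'affected', 'fixed', 'not_listed' or 'unparsed'."""
    version = parse_version(text)
    if version is None:
        return "unparsed"
    branch, patch = version[:2], version[2]
    if branch in AFFECTED:
        first, last, fixed = AFFECTED[branch]
        if first <= patch <= last:
            return "affected"
        if patch >= fixed:
            return "fixed"
    if version >= NEWEST_FIX:
        return "fixed"  # later than the newest fixed release named in the advisory
    return "not_listed"  # outside the stated ranges; the advisory is silent here

def triage(inventory):
    """Classify every host in an inventory mapping."""
    return {host: classify(raw) for host, raw in inventory.items()}

if __name__ == "__main__":
    for host, status in sorted(triage(INVENTORY).items()):
        print(f"{host:12} {status}")
```

Hosts reported as `unparsed` or `not_listed` need a manual look rather than being treated as safe.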