Wireshark 4.6.5 Packet Analyzer Fixes Dozens of Vulnerabilities

Wireshark 4.6.5 network protocol analyzer fixes dozens of vulnerabilities, including crashes, infinite loops, and memory issues.

Wireshark 4.6.5 Packet Analyzer Fixes Dozens of Vulnerabilities

Wireshark, a leading free and open-source packet analyzer for network troubleshooting, analysis, and protocol development, has released version 4.6.5. According to the project, this release fixes many vulnerabilities, which it attributes to a recent trend in AI-assisted vulnerability reports.

Among the affected areas are protocol dissectors for Monero, BT-DHT, SMB2, ICMPv6, AFP, TLS, RDP, ZigBee, OpenFlow, WebSocket, HTTP, MySQL, IEEE 802.11, and others. Wireshark also fixed issues in components such as the SBC and iLBC audio codecs, the K12 RF5 file parser, profile import handling, zlib and LZ77 decompression in the dissection engine, and the Sharkd utility.

Notable security fixes include a TLS dissector crash with possible code execution, an RDP dissector crash with possible code execution, an SBC codec crash with possible code execution, and a profile import crash also marked as possible code execution. Other fixes address infinite loops in SMB2, TLS, OpenFlow, USB HID, SANE, MBIM, RPKI-Router, UDS, and several other dissectors.

Beyond the security fixes, Wireshark 4.6.5 introduces a redesigned welcome page that highlights learning sections more clearly and adds a sidebar with tips and tricks. Users who do not want the new welcome page can disable it in the settings dialog.

For Windows users, the bundled dependencies have been updated. The Wireshark installers now ship with Npcap 1.87, replacing Npcap 1.86, and Qt 6.10.3, replacing Qt 6.9.3.

There are no new protocols in this release. However, Wireshark 4.6.5 updates support for a long list of existing protocols, including AFP, BGP, DNS, HTTP, HTTP/2, ICMPv6, IPv4, IPv6, ISAKMP, JSON 3GPP, LDAP, Modbus, MySQL, OpenFlow, OpenVPN, QUIC, SMB2, SSH, TLS-related certificate handling, WebSocket, and many more.

Capture file support has also been updated across formats such as Android Logcat, BLF, Catapult DCT2000, EyeSDN, HP-UX nettl, K12, MPEG2 transport stream, NetScaler, NetScreen, pcapng, Systemd Journal, and Toshiba Compact ISDN Router captures.

For more information, see the announcement. Wireshark 4.6.5 is available from the project’s download page.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts