Wireshark 4.6.7 Packet Analyzer Fixes 12 Security Vulnerabilities

Wireshark 4.6.7, a network protocol analyzer, fixes a long list of security issues, including crashes in several protocol dissectors and file parsers.

Wireshark 4.6.7 has been released as the latest maintenance update in the 4.6 series of the world’s most popular network protocol analyzer, with security being the primary focus.

According to the release notes, this update addresses 12 vulnerabilities, including crashes in the Catapult DCT2000, SSH, IEEE 802.11, Z39.50, and UMTS FP protocol dissectors, as well as in the pcapng and DBS Etherwatch file parsers.

The release also resolves a TLS ECH decryption crash, a BLF file parser information disclosure issue, a ciscodump extcap crash, and several protocol dissector infinite loops. Users are strongly encouraged to update promptly, especially if they open capture files from untrusted or external sources.

In addition to security fixes, Wireshark 4.6.7 addresses several other bugs, including incorrect language display on Dutch systems, Qt capture filter combo box sizing issues, and a BACapp parsing error affecting “you-are” requests.

Additional fixes include a use-after-free issue in the Ethernet POWERLINK dissector, memory leaks identified through fuzzing, a heap-buffer overflow in the Wireshark Logcat parser, and incorrect dissection of IPv6 ping traffic from Debian and similar systems as HiPerConTracer.

The HEVC/H.265 dissector has been updated to correct bit offset handling that could cause false “Malformed Packet” reports. The release also resolves a crash related to the last saved recent_common file and addresses several fuzzing-related issues.

On the feature side, there is not much to report. The only listed feature-related change is that the Windows installers are now built with Visual Studio 2026.

No new protocol support has been added as well. However, the release updates support for a long list of existing protocols, including ALC, BACapp, Catapult DCT2000, DNS, EPL, FMP/NOTIFY, H.265, IEEE 802.11, SSH, UMTS FP, and Z39.50.

Finally, capture file support has been updated for Android Logcat, BLF, DBS Etherwatch, Netlog, and pcapng. No new or updated file format decoding support is included in this release.

For additional details, see the announcement. Wireshark 4.6.7 is now available from the project’s official website for Windows, macOS, and source-based installations. Linux users should monitor their distribution’s repositories for the update.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Leave a Reply

Your email address will not be published. Required fields are marked *