Denial of Service Vulnerability in Wireshark by The Wireshark Foundation
CVE-2025-5601
Key Information:
Badges
What is CVE-2025-5601?
Wireshark versions 4.4.0 through 4.4.6 and 4.2.0 through 4.2.12 are susceptible to a denial of service vulnerability caused by improper handling of columns. An attacker can exploit this vulnerability through packet injection or by embedding malicious code within specially crafted capture files, leading to potential application crashes and interruption of service. It is crucial for users of affected versions to be aware of this issue and to apply recommended patches to mitigate risks.
Affected Version(s)
Wireshark 4.4.0 < 4.4.7
Wireshark 4.2.0 < 4.2.13
News Articles

Wireshark Vulnerability Allows Attackers to Launch DoS Attacks
This flaw, identified as "Dissection engine crash", stems from a bug in the column utility module used by Wireshark's dissectors.
References
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 📰
First article discovered by GBHackers News
Vulnerability published
Vulnerability Reserved