Wireshark 4.6.4 Released With Fix for Multiple Security Vulnerabilities

Wireshark 4.6.4, a major maintenance update for the most widely used network protocol analyzer in the world, has been formally released by the Wireshark Foundation This article explores performance stability wireshark. . This release fixes a number of functional bugs and security flaws that could affect performance and stability.

Wireshark is used for troubleshooting and education by network administrators, security analysts, and developers. Because it addresses vulnerabilities that could expose users to Denial-of-Service (DoS) attacks via particular protocol dissectors, this update is especially important. Three specific security flaws found in earlier iterations are fixed in the 4.6.4 release. These flaws affect protocol dissectors, which Wireshark uses to decode network traffic, and include memory exhaustion and crash loops.

Description of the Vulnerability or Problem with the USB HID Dissector Fatigue of Memory Overuse of memory due to corrupted USB HID packets may result in crashes or instability.

Network Time Security Particular to NTS-KE Dissector Crash Analyzer crashes may result from Key Establishment traffic patterns. To avoid crashes when examining RF4CE (Radio Frequency for Consumer Electronics) traffic, the RF4CE Profile Dissector Crash Stability issue has been resolved. Important Bug Fixes and Enhancements to Performance Important stability fixes are included in Wireshark 4.6.4 in addition to security patches.

A significant performance problem with "Expert Info" has been fixed; previously, this feature experienced quadratic performance degradation, growing noticeably slower as data volume rose. Other technical solutions consist of: Category Correction/Improvement TShark Stability When the output format was set to BLF, segmentation errors in TShark and editcap were fixed. Wiretap writing of invalid PCAPNG Darwin option blocks and custom string options was fixed, restoring the integrity of the captured file.

Dissector Adjustments Fixed RDM status decoding and resolved TDS desynchronization in the Art-Net PollReply dissector. Fuzzing Accidents Zigbee Direct Tunneling fuzz testing revealed a fixed crash. In order to guarantee accurate decoding, support for a large number of current protocols has been updated even though no new protocols were added in this release.

Art-Net, BGP, IEEE 802.11, IPv6, MySQL, NAS-5GS, and Socks are among the updated protocols. Additionally, support for BLF and pcapng formats for capture files has been enhanced. Learn more Email gateway that is secure Preventing data loss DLP Appliances for network security It is recommended that users update to Wireshark 4.6.4 right away to guarantee a stable and secure analysis environment. You can download the most recent version straight from the Wireshark Foundation website.

X, LinkedIn, and X for daily updates on cybersecurity.

To have your stories featured, get in touch with us.