Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN822
_____________________________________________________________________

DATE                : 20/11/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Wireshark versions prior to 4.6.1,
                                          4.4.11.

=====================================================================
https://www.wireshark.org/security/wnpa-sec-2025-05.html
https://www.wireshark.org/security/wnpa-sec-2025-06.html
_____________________________________________________________________

wnpa-sec-2025-05 · BPv7 dissector crash


Summary

Name: BPv7 dissector crash

Docid: wnpa-sec-2025-05

Date: November 19, 2025

Affected versions: 4.6.0

Fixed versions: 4.6.1

References:

Wireshark issue 20770.


Details

Description

The BPv7 dissector could crash
Impact

Discovered in our internal testing environment. We are unaware of any
exploits for this issue. It may be possible to make Wireshark crash
by injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file.
Resolution

Upgrade to Wireshark 4.6.1 or later.

_____________________________________________________________________


wnpa-sec-2025-06 · Kafka dissector crash


Summary

Name: Kafka dissector crash

Docid: wnpa-sec-2025-06

Date: November 19, 2025

Affected versions: 4.6.0, 4.4.0 to 4.4.10

Fixed versions: 4.6.1, 4.4.11

References:

Wireshark issue 20823.


Details

Description

The Kafka dissector could crash.


Impact

Discovered in our internal testing environment. We are unaware of any
exploits for this issue. It may be possible to make Wireshark crash
by injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file.


Resolution

Upgrade to Wireshark 4.6.1, 4.4.11 or later.


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================