Wireshark network analysis tool protected against possible attacks. The Wireshark developers have closed several security gaps in current version.

The network analysis tool Wireshark has been released in a new version that is protected against DoS attacks.

Security patches

As can be seen from the according Release Notes, the developers have closed a total of five security vulnerabilities in edition 4.2.1. In all cases, attackers can intervene in a connection in a way that is not described in detail and trigger DoS conditions by injecting their own packets.

A classification of the threat level of the vulnerabilities (CVE-2023-0207, CVE-2023-0208, CVE-2023-0209, CVE-2023-0210, CVE-2023-0211) is still pending. Various bugs have also been fixed.

The following bugs have been fixed:

Capture filters not saved to recently used list. Issue 12918.

CFM dissector does not handle Sender ID TLV correctly when Chassis ID Length is zero. Issue 13720.

OSS-Fuzz 64290: wireshark:fuzzshark_ip: Global-buffer-overflow in dissect_zcl_read_attr_struct. Issue 19490.

Overriding capture options set by preference by command line arguments (like -S) doesn’t work. Issue 14549.

Segfault when enabling monitor mode on wireless card that falsely claims to support it. Issue 16693.

Documented format of temporary file name is out of date in the Wireshark User’s Guide. Issue 18464.

Selection highlight lost when interface list is sorted. Issue 19133.

HTTP3 malformed packets. Issue 19475.

Capture filter compilation fails with obscure error message. Issue 19480.

XML: Parsing encoding attribute failed when standalone attribute exists. Issue 19485.

Display filter expressions where the protocol name starts with digit and contains a hyphen are rejected. Issue 19489.

diameter.3GPP-* display filters not working after upgrade to version 4.2.0. Issue 19493.

GigE-vision: Control Protocol shows "unknown" as value for ASCII character set. Issue 19494.

The HTTP/3 Request Header URI is not correct. Issue 19497.

QUIC/TLS not extracting "h3" from ALPN in a capture. Issue 19503.

Documentation on system requirements should be updated. Issue 19512.

4.2.0: init.lua in subdirectories not loaded anymore. Issue 19516.

Malformed SIP/SDP messages: components are not decoded properly. Issue 19518.

heuristic_protos do not reset on profile swap. Issue 19520.

Wireshark 4.2 crashes on Apply As Column. Issue 19521.

NFLOG timestamp is incorrect. Issue 19525.

Qt6 Crash (Double Free) When Attempting to Save TCP Stream Graph. Issue 19529.

Fixed parsing display filter expressions containing literal OID values, e.g. snmp.name == 1.3.6.1.2.1.1.3.0.