Unrated severityNVD Advisory· Published Feb 20, 2025· Updated Mar 27, 2026
Uncontrolled Recursion in Wireshark
CVE-2025-1492
Description
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file
Affected products
13- osv-coords11 versionspkg:rpm/almalinux/wiresharkpkg:rpm/almalinux/wireshark-clipkg:rpm/almalinux/wireshark-develpkg:rpm/opensuse/wireshark&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7
< 1:4.4.2-3.el10_0+ 10 more
- (no CPE)range: < 1:4.4.2-3.el10_0
- (no CPE)range: < 1:4.4.2-3.el10_0
- (no CPE)range: < 1:4.4.2-3.el10_0
- (no CPE)range: < 4.2.11-150600.18.20.1
- (no CPE)range: < 4.4.4-2.1
- (no CPE)range: < 11.0.0-150700.4.19.1
- (no CPE)range: < 11.0.0-150700.4.19.1
- (no CPE)range: < 4.2.11-150600.18.20.1
- (no CPE)range: < 4.6.4-150700.21.8.1
- (no CPE)range: < 4.2.11-150600.18.20.1
- (no CPE)range: < 4.6.4-150700.21.8.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- gitlab.com/wireshark/wireshark/-/issues/20373mitreissue-trackingpermissions-required
- www.wireshark.org/security/wnpa-sec-2025-01.htmlmitre
News mentions
0No linked articles in our index yet.