Unrated severityNVD Advisory· Published Jun 4, 2025· Updated Mar 27, 2026
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark
CVE-2025-5601
Description
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
Affected products
11- osv-coords9 versionspkg:rpm/opensuse/wireshark&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 4.2.12-150600.18.23.1+ 8 more
- (no CPE)range: < 4.2.12-150600.18.23.1
- (no CPE)range: < 4.4.7-1.1
- (no CPE)range: < 11.0.0-150700.4.19.1
- (no CPE)range: < 11.0.0-150700.4.19.1
- (no CPE)range: < 4.2.12-150600.18.23.1
- (no CPE)range: < 4.2.12-150600.18.23.1
- (no CPE)range: < 4.2.12-150600.18.23.1
- (no CPE)range: < 4.2.12-150600.18.23.1
- (no CPE)range: < 2.4.16-48.63.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- gitlab.com/wireshark/wireshark/-/issues/20509mitreissue-trackingpermissions-required
- www.wireshark.org/security/wnpa-sec-2025-02.htmlmitre
News mentions
0No linked articles in our index yet.