CVE-2025-5601

Published Jun 4, 2025

Last updated 4 months ago

CVSS high 7.8

Overview

Description
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
Source
cve@gitlab.com
NVD status
Analyzed
Products
wireshark

Risk scores

CVSS 3.1

Type
Primary
Base score
6.5
Impact score
3.6
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Severity
MEDIUM

Weaknesses

cve@gitlab.com
CWE-120
nvd@nist.gov
CWE-787

Social media

Hype score
Not currently trending

  1. 何かあったんだな…と思いながら あまり深く考えず更新していたけど、 今更ながら調べてみたら…こういう脆弱性に気付く人 すごくね? Wireshark の脆弱性 CVE-2025-5601 が FIX:悪意のパケット・インジェクショ

    @CUI_Commander

    25 Jul 2025

    34 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ⚠️ CVE-2025-5601: Wireshark dissection engine crash patched by @SUSE (CVSS 7.8). Impacts SLE 15 SP6/SP7, openSUSE Leap. ▶️ Patch via zypper or YaST. Details:👉 https://t.co/yJxA4mD9so #InfoSec #SysAdmin https://t.co/OjHs3uRylM

    @Cezar_H_Linux

    17 Jun 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. ⚠️Vulnerabilidad encontrada en Wireshark ❗CVE-2025-5601 ➡️Más info: https://t.co/VhrsuEMOKp https://t.co/yRg0xA8MGC

    @CERTpy

    11 Jun 2025

    150 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-5601 (CVSS:7.8, HIGH) is Awaiting Analysis. Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or..https://t.co/5J1xYF5woY #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    9 Jun 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 2025年6月4日、Wiresharkの重大な脆弱性CVE-2025-5601が公開された。列ユーティリティモジュールの不具合により、細工されたパケットやキャプチャファイルを処理することでDoS(サービス拒否)を引き起こす可能性

    @yousukezan

    5 Jun 2025

    4881 Impressions

    16 Retweets

    47 Likes

    14 Bookmarks

    0 Replies

    1 Quote

  6. Wireshark4.4.7がリリースされました。主な変更はCVE-2025-5601のダイセクタのクラッシュ、パケットダイアグラムでビット位置の誤り、WobSocketにおいて2番目のメッセージが展開できない、Luaダイセクタ、CIGI、ZigBee

    @ikeriri

    5 Jun 2025

    1473 Impressions

    13 Retweets

    31 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of serviceCVE-2026-3203
  2. NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of serviceCVE-2026-3202
  3. USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of serviceCVE-2026-3201
  4. SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of serviceCVE-2026-0962
  5. BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of serviceCVE-2026-0961

References

Sources include official advisories and independent security research.