In a recent announcement, the Wireshark development team has released version Wireshark 4.2.6 of their popular network protocol analyzer. This latest update, part of the 4.2.x series, brings crucial security patches and resolves several bugs, enhancing the software’s overall stability and security.
Wireshark is a well-known open-source network protocol analyzer that lets users view and record real-time network data.
The new release tackles a significant security issue in SPRT Dissector Crash (wnpa-sec-2024-10)
The SPRT dissector crash, identified as wnpa-sec-2024-10, was reported on July 10, 2024. This vulnerability affects Wireshark versions 4.2.0 to 4.2.5 and 4.0.0 to 4.0.16. The issue is documented in Wireshark issue 19559.
The vulnerability involves the SPRT dissector, which could cause Wireshark to crash when processing a malformed packet. This crash can occur either by injecting a malformed packet onto the network or by getting someone to open a malformed packet trace file.
"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo
The primary risk is that an attacker could exploit this vulnerability to crash Wireshark, potentially disrupting network analysis and diagnostics.
Notable Bug Fixes
Wireshark 4.2.6 also addresses several bugs, including:
- Corrections to the SOME/IP dissector
- Improvements to the QUIC TLS decryption process
- Resolution of issues with the SCTP INIT chunk dissector
- Fixes for the MGCP dissector to prevent potential infinite loops
Wireshark 4.2.6 brings you updated protocol support for the following:
DHCP, E.212, MySQL, NAS-5GS, PKT CCC, ProtoBuf, RADIUS, RLC-LTE, RTP, SIP, SPRT, Thrift, and Wi-SUN
How to Upgrade Wireshark 4.2.6
Users can download Wireshark 4.2.6 from the official website. The development team strongly recommends that all users upgrade to this latest version to benefit from the security enhancements and bug fixes.
The full release notes are available on the Wireshark website for those interested in the complete list of changes, including source code and installation packages.
“Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.” Wireshark said.
This update underscores the Wireshark team’s commitment to maintaining the security and reliability of their software, which remains a crucial tool for network administrators and security professionals worldwide.
Learning Wireshark enhances your ability to monitor and analyze network traffic, aiding in troubleshooting, optimizing performance, and improving security. You can take a wireshark course bundle with 50 hours of in-depth training.
Join our free webinar to learn about combating slow DDoS attacks, a major threat today.