Detailed in https://www.wireshark.org/security/wnpa-sec-2025-02 Reproducible: Always
Description Some dissectors might crash due to a bug in the column utility module. Impact Discovered in our internal testing environment. We are unaware of any exploits for this issue. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Resolution Upgrade to Wireshark 4.4.7, 4.2.12 or later.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=90992b183da2a4d215c39c3953f4618012a98bc6 commit 90992b183da2a4d215c39c3953f4618012a98bc6 Author: Holger Hoffstätte <holger@applied-asynchrony.com> AuthorDate: 2025-06-05 09:14:03 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2025-06-05 16:05:40 +0000 net-analyzer/wireshark: add 4.4.7 - fix for https://www.wireshark.org/security/wnpa-sec-2025-02 - remove dependency on dev-qt/qtdeclarative (thanks qa-vdb) - python-3.14 support Bug: https://bugs.gentoo.org/957157 Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com> Part-of: https://github.com/gentoo/gentoo/pull/42456 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 2 + net-analyzer/wireshark/wireshark-4.4.7.ebuild | 327 ++++++++++++++++++++++++++ 2 files changed, 329 insertions(+)
