Description
UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
Published: 2026-07-08
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A heap‑based buffer overflow exists in the UMTS FP protocol dissector of Wireshark versions 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16, causing the application to crash when a user opens or imports a capture file that contains a specifically crafted UMTS FP packet. The flaw is a classic CWE‑122 buffer overflow that results in denial of service, allowing an attacker to disrupt the availability of the Wireshark process for the user.

Affected Systems

The vulnerability impacts Wireshark releases from the Wireshark Foundation. Affected versions are 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16. All other Wireshark releases are not affected.

Risk and Exploitability

With a CVSS score of 5.5 the vulnerability is of moderate severity. The EPSS score is not available and the issue is not listed in the CISA KEV catalog, indicating a lower likelihood of widespread exploitation. The attack vector is inferred to be local or remote delivery of a malicious capture file that triggers the UMTS FP dissector, resulting in a controlled crash and denial of service for the victim user. No privilege escalation or data disclosure occurs, but repeated exploitation can deny users access to Wireshark for network analysis.

Generated by OpenCVE AI on July 9, 2026 at 03:59 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.7 or above


OpenCVE Recommended Actions

  • Upgrade Wireshark to version 4.6.7 or later
  • Until the patch is applied, avoid opening or importing any capture files that may contain UMTS FP packets
  • If analysis of such files is necessary, run Wireshark inside a controlled or isolated environment to contain any potential crash

Generated by OpenCVE AI on July 9, 2026 at 03:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 09 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 09 Jul 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1286
References
Metrics threat_severity

None

threat_severity

Moderate


Wed, 08 Jul 2026 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Wireshark
Wireshark wireshark
Vendors & Products Wireshark
Wireshark wireshark

Wed, 08 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Description UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
Title Heap-based Buffer Overflow in Wireshark
Weaknesses CWE-122
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


Subscriptions

Wireshark Wireshark
cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-07-09T13:45:27.007Z

Reserved: 2026-07-08T20:45:43.874Z

Link: CVE-2026-15169

cve-icon Vulnrichment

Updated: 2026-07-09T13:45:19.016Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-07-08T20:51:05Z

Links: CVE-2026-15169 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-09T04:00:11Z

Weaknesses
  • CWE-122

    Heap-based Buffer Overflow

  • CWE-1286

    Improper Validation of Syntactic Correctness of Input