Description
GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Published: 2026-04-30
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an infinite loop in Wireshark's GNW protocol dissector. The loop consumes CPU resources and eventually causes the application to hang, resulting in a denial of service to the user or the system the software runs on. The weakness is classified as CWE-835, Loop with Unreachable Exit Condition ('Infinite Loop').

Affected Systems

Wireshark, released by the Wireshark Foundation. Affected versions are 4.6.0 through 4.6.4 and 4.4.0 through 4.4.14, all of which predate the patch released in 4.6.5.

Risk and Exploitability

The CVSS score of 5.5 indicates a medium severity flaw. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local – an attacker can supply a crafted capture file or network traffic that forces Wireshark’s GNW dissector into the infinite loop. Once triggered, the loop will drain CPU resources and stall the application, denying service to the running user. Because the exploit requires the victim to run Wireshark with the malicious data, the risk is confined to the local environment, but the impact can bring down the application for the user while Wireshark is in use.

Generated by OpenCVE AI on April 30, 2026 at 13:50 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.5 or above


OpenCVE Recommended Actions

  • Upgrade Wireshark to version 4.6.5 or later, which contains the necessary fix for the infinite loop in the GNW dissector.
  • If an upgrade is not immediately possible, avoid opening or importing capture files that may trigger the GNW dissector; verify the source of capture data before processing.
  • If the application becomes unresponsive, restart Wireshark immediately and consider quarantining the session until the software can be updated or the data source validated.



Advisories

No advisories yet.

History

Thu, 30 Apr 2026 16:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Thu, 30 Apr 2026 07:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Wireshark; Wireshark wireshark |
| Vendors & Products | | Wireshark; Wireshark wireshark |

Thu, 30 Apr 2026 06:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service |
| Title | | Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark |
| Weaknesses | | CWE-835 |
| References | | |
| Metrics | | cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'} |


MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-04-30T15:20:03.000Z

Reserved: 2026-04-17T15:05:27.716Z

Link: CVE-2026-6523

Vulnrichment

Updated: 2026-04-30T15:03:31.423Z

NVD

Status: Undergoing Analysis

Published: 2026-04-30T07:16:39.510

Modified: 2026-04-30T15:10:10.430

Link: CVE-2026-6523

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-30T14:00:22Z
