Description
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Published: 2026-04-30
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from an uninitialized pointer in Wireshark’s GSM RP protocol dissector, a weakness classified as CWE‑824. When a GSM RP packet is parsed, the pointer may reference an undefined memory location, causing the application to crash. This results in a local denial of service for analysts or automated systems that rely on Wireshark’s stability.

Affected Systems

Wireshark Foundation Wireshark versions 4.6.0 through 4.6.4 and 4.4.0 through 4.4.14 are affected. Users of these releases should verify their installed version and plan to upgrade.

Risk and Exploitability

The CVSS score of 5.5 indicates Medium severity. The EPSS score is 0.00013 (<1%) and the vulnerability is not listed in CISA KEV, suggesting limited exploitation data. Based on the description, the most likely attack vector is the delivery of a crafted GSM RP packet to Wireshark, either via intercepted mobile traffic or manually constructed packets, which will trigger the crash and disrupt availability.

Generated by OpenCVE AI on May 2, 2026 at 00:24 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.5 or above


OpenCVE Recommended Actions

  • Upgrade Wireshark to version 4.6.5 or later.
  • If an upgrade cannot be performed immediately, disable the GSM RP dissector or block GSM RP traffic from reaching Wireshark.
  • Notify users of the service disruption risk and monitor logs for unexpected crashes.

Advisories

No advisories yet.

History

Fri, 01 May 2026 18:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*

Thu, 30 Apr 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 30 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
First Time appeared Wireshark
Wireshark wireshark
Vendors & Products Wireshark
Wireshark wireshark

Thu, 30 Apr 2026 06:30:00 +0000

Type Values Removed Values Added
Description GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Title Access of Uninitialized Pointer in Wireshark
Weaknesses CWE-824
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-04-30T12:25:36.207Z

Reserved: 2026-04-22T16:29:33.845Z

Link: CVE-2026-6870

Vulnrichment

Updated: 2026-04-30T12:25:32.941Z

NVD

Status: Analyzed

Published: 2026-04-30T07:16:41.590

Modified: 2026-05-01T18:11:06.100

Link: CVE-2026-6870

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T00:30:16Z
