How to fix CVE-2025-5601?

Within 24 hours: Identify all systems running vulnerable Wireshark versions (4.2.0-4.2.12, 4.4.0-4.4.6) and assess criticality; restrict Wireshark access to trusted users and isolated network segments. Within 7 days: Implement network segmentation to limit exposure to untrusted packet sources; disable Wireshark on non-essential systems; establish alternative network monitoring tools where possible. Within 30 days: Monitor Wireshark release channels for available patches (4.4.7+, 4.2.13+); prepare and execute patching across all affected systems; validate patch deployment and restore normal operations.

Is Wireshark affected by CVE-2025-5601?

Wireshark versions 4.2.0-4.2.12 and 4.4.0-4.4.6 are vulnerable to denial of service attacks through malicious packet injection or crafted capture files, potentially disrupting network monitoring and incident response capabilities.

CVE-2025-5601

EUVD-2025-16867 HIGH

2025-06-04 [email protected]

7.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch Released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 14, 2026 - 17:29 vuln.today

EUVD ID Assigned

Mar 14, 2026 - 17:29 euvd

EUVD-2025-16867

PoC Detected

Nov 21, 2025 - 18:26 vuln.today

Public exploit code

CVE Published

Jun 04, 2025 - 11:15 nvd

HIGH 7.8

Description

Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file

Analysis

A denial of service vulnerability in Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 (CVSS 7.8) that allows denial of service. Risk factors: public PoC available.

Technical Context

CWE-120 (Classic Buffer Overflow). CVSS 7.8 indicates high severity. Affects Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12.

Affected Products

['Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12']

Remediation

Monitor vendor channels for patch availability. Consider network segmentation to limit exposure if patching is delayed.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +39

POC: +20

Vendor Status

Ubuntu

Priority: Medium

wireshark

Release	Status	Version
trusty	needs-triage	-
xenial	needs-triage	-
bionic	needs-triage	-
focal	needs-triage	-
jammy	needs-triage	-
noble	needs-triage	-
upstream	needs-triage	-
oracular	ignored	end of life, was needs-triage
questing	needs-triage	-
plucky	ignored	end of life, was needs-triage

Debian

Bug #1107515

wireshark

Release	Status	Fixed Version	Urgency
bullseye	fixed	3.4.16-0+deb11u2	-
bullseye (security)	fixed	3.4.16-0+deb11u2	-
bookworm	vulnerable	4.0.17-0+deb12u1	-
bookworm (security)	vulnerable	4.0.11-1~deb12u1	-
trixie	fixed	4.4.14-0+deb13u1	-
trixie (security)	fixed	4.4.13-0+deb13u1	-
forky, sid	fixed	4.6.4-1	-
experimental	fixed	4.4.7-0exp1	-
(unstable)	fixed	4.4.7-1	-

DLA-4479-1

CVE-2025-5601 vulnerability details – vuln.today

Back

CVE-2025-5601

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

CVE-2025-5601

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Ubuntu

Debian

Share

External POC / Exploit Code