CVE-2026-15172 in Wiresharkinfo

Summary

by MITRE • 07/09/2026

FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 07/09/2026

The FMP/NOTIFY protocol dissector vulnerability in Wireshark represents a critical denial of service weakness that affects multiple versions of the popular network analysis tool. This vulnerability specifically targets the dissector responsible for interpreting FMP/NOTIFY protocol packets, which is commonly used in file management and notification services within network communications. The flaw manifests as a crash condition that occurs when Wireshark processes specially crafted FMP/NOTIFY protocol traffic, effectively rendering the application unusable until manually restarted.

The technical implementation of this vulnerability stems from insufficient input validation within the dissector code that handles FMP/NOTIFY protocol parsing. When Wireshark encounters malformed or unexpected packet structures in FMP/NOTIFY protocol traffic, the dissector fails to properly handle the exceptional conditions, leading to memory corruption and subsequent application crash. This behavior aligns with common software security principles where inadequate error handling leads to exploitable conditions that can be leveraged for denial of service attacks.

From an operational perspective this vulnerability poses significant risks to network analysts and security professionals who rely on Wireshark for network traffic analysis. The impact extends beyond simple application instability as it can disrupt critical network monitoring activities, particularly in environments where automated network analysis tools depend on Wireshark functionality. Attackers could exploit this weakness by simply transmitting malicious FMP/NOTIFY protocol packets to any system running the vulnerable Wireshark versions, causing immediate service disruption without requiring advanced exploitation techniques.

The vulnerability maps directly to CWE-121, which addresses heap-based buffer overflow conditions in software implementations, and also relates to CWE-248, covering exposure of exception handling mechanisms. According to ATT&CK framework domain T1499, this weakness falls under the category of Network Denial of Service attacks where adversaries leverage application-level vulnerabilities to disrupt services. The exploitability of this condition is particularly concerning given that it requires no authentication or specialized privileges beyond sending network traffic, making it accessible to any attacker with basic network access.

Mitigation strategies should prioritize immediate patching of affected Wireshark versions to the latest stable releases that contain fixed dissector implementations. Network administrators should also implement network segmentation and packet filtering rules to prevent unauthorized FMP/NOTIFY protocol traffic from reaching systems running vulnerable Wireshark installations. Additionally, organizations should consider deploying alternative network analysis tools for critical monitoring functions while maintaining awareness of potential indirect impacts on security operations due to the disruption of essential analytical capabilities.

Security teams must also establish incident response procedures specifically addressing dissector crashes and application instability in network analysis tools. Regular vulnerability assessments should include verification of dissector functionality across all supported protocols, particularly those commonly used in enterprise environments. The remediation process should extend beyond simple patch deployment to include comprehensive testing of network monitoring infrastructure to ensure continued operational capability following security updates.

Responsible

GitLab

Reservation

07/08/2026

Disclosure

07/09/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Do you need the next level of professionalism?

Upgrade your account now!