{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-5601", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2025-06-04T10:30:41.648Z", "datePublished": "2025-06-04T10:30:46.001Z", "dateUpdated": "2025-06-04T13:14:01.435Z"}, "containers": {"cna": {"title": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark", "descriptions": [{"lang": "en", "value": "Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file"}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"version": "4.4.0", "status": "affected", "lessThan": "4.4.7", "versionType": "semver"}, {"version": "4.2.0", "status": "affected", "lessThan": "4.2.13", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "cweId": "CWE-120", "type": "CWE"}]}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2025-02.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20509", "name": "GitLab Issue #20509", "tags": ["issue-tracking", "permissions-required"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.4.7, 4.2.13 or above."}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2025-06-04T10:30:46.001Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-04T13:13:50.312279Z", "id": "CVE-2025-5601", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-04T13:14:01.435Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5601", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-04T13:13:50.312279Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-04T13:13:56.157Z"}}], "cna": {"title": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"status": "affected", "version": "4.4.0", "lessThan": "4.4.7", "versionType": "semver"}, {"status": "affected", "version": "4.2.0", "lessThan": "4.2.13", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to version 4.4.7, 4.2.13 or above."}], "references": [{"url": "https://www.wireshark.org/security/wnpa-sec-2025-02.html"}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/20509", "name": "GitLab Issue #20509", "tags": ["issue-tracking", "permissions-required"]}], "descriptions": [{"lang": "en", "value": "Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2025-06-04T10:30:46.001Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5601", "state": "PUBLISHED", "dateUpdated": "2025-06-04T13:14:01.435Z", "dateReserved": "2025-06-04T10:30:41.648Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2025-06-04T10:30:46.001Z", "assignerShortName": "GitLab"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file"}, {"lang": "es", "value": "Los fallos en el manejo de columnas en Wireshark 4.4.0 a 4.4.6 y 4.2.0 a 4.2.12 permiten la denegaci\u00f3n de servicio mediante inyecci\u00f3n de paquetes o un archivo de captura manipulado."}], "id": "CVE-2025-5601", "lastModified": "2025-06-04T14:54:33.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "cve@gitlab.com", "type": "Secondary"}]}, "published": "2025-06-04T11:15:22.110", "references": [{"source": "cve@gitlab.com", "url": "https://gitlab.com/wireshark/wireshark/-/issues/20509"}, {"source": "cve@gitlab.com", "url": "https://www.wireshark.org/security/wnpa-sec-2025-02.html"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "cve@gitlab.com", "type": "Primary"}]}

{"bugzilla": {"description": "wireshark: Buffer Overflow in Wireshark", "id": "2370225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370225"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L", "status": "draft"}, "cwe": "CWE-120", "details": ["Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file", "A buffer overflow vulnerability was found in Wireshark. This vulnerability is triggered when a user views a specifically malformed packet or a pcap file with such a malformed packet."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-5601", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-06-04T10:30:46Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-5601\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-5601\nhttps://gitlab.com/wireshark/wireshark/-/commit/53213086304caa3dfbdd7dc39c2668a3aea1a5c0\nhttps://gitlab.com/wireshark/wireshark/-/issues/20509\nhttps://www.wireshark.org/security/wnpa-sec-2025-02.html"], "statement": "The report makes the assumption that the active user is the root user and calculates the impact based on that assumption. It is not advised to conduct normal operations as the root user and when running as a non-root user, the impact is limited.", "threat_severity": "Moderate"}