Wireshark · Wireshark · CVE-2020-17498
**Name of the Vulnerable Software and Affected Versions**
Wireshark versions 3.2.0 through 3.2.5
**Description**
The Kafka protocol dissector in Wireshark could crash because of a double free during LZ4 decompression. A remote attacker could potentially use this to cause a denial of service. The problem was addressed by modifying epan/dissectors/packet-kafka.c to avoid the double free.
**Recommendations**
If you run Wireshark 3.2.0 through 3.2.5, update to a version in which the issue has been fixed, that is, one that includes the changes made to epan/dissectors/packet-kafka.c to avoid the double free during LZ4 decompression. As a temporary workaround, consider disabling the Kafka protocol dissector until a patch is available.
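
The following script is an added example, not part of the original advisory or of the Wireshark project: it checks whether an installed tshark reports a version in the affected range above and, if so, prints how to run it with the Kafka dissector disabled. The function names and sample banners are this example's own; it assumes the version is reported on the first line of `tshark --version` and uses tshark's `--disable-protocol` option with the protocol name `kafka`.

```shell
#!/bin/sh
# Added example: triage a host for CVE-2020-17498.
# Affected range (3.2.0 through 3.2.5) is taken from the advisory text.

# Pull the first x.y.z version out of a banner such as the first line of
# `tshark --version`. Prints nothing if no version is found.
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' |
        head -n 1
}

# Succeeds only for versions in the advisory's range. The bracket pattern
# matches a single digit, so 3.2.10 or 3.2.50 are not treated as affected.
is_affected() {
    case $1 in
        3.2.[0-5]) return 0 ;;
        *)         return 1 ;;
    esac
}

# Map a version banner to: affected | not-affected | unknown
triage_banner() {
    ver=$(extract_version "$1")
    if [ -z "$ver" ]; then
        echo unknown
    elif is_affected "$ver"; then
        echo affected
    else
        echo not-affected
    fi
}

# Live check; skipped quietly on hosts without tshark.
if command -v tshark >/dev/null 2>&1; then
    banner=$(tshark --version 2>/dev/null | head -n 1)
    status=$(triage_banner "$banner")
    echo "tshark: $status ($banner)"
    if [ "$status" = affected ]; then
        echo "Until updated, run captures with the Kafka dissector off:"
        echo "  tshark --disable-protocol kafka -r <capture-file>"
    fi
fi
```

An `unknown` result means the banner could not be parsed and the host should be checked by hand rather than assumed safe.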