PT-2025-47665 · Wireshark+4 · Wireshark+4

Published: 2025-11-21 · Updated: 2026-04-02 · CVE-2025-13499

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Wireshark versions 4.4.0 through 4.4.10
Wireshark version 4.6.0

Description

A flaw exists in the Kafka dissector of Wireshark that can lead to a denial of service. This occurs when processing specially crafted, malformed Kafka packets. Protocol dissectors represent an attack surface in network analysis tools.

Recommendations

Update Wireshark versions prior to 4.4.0 to a newer version.
Update Wireshark version 4.6.0 to a newer version.

Exploit

Fix

DoS

Access of Uninitialized Pointer

Weakness Enumeration

Related Identifiers

ALSA-2025:23083
ALSA-2025:23142
ALSA-2025_23142
AZL-70664
CVE-2025-13499
OESA-2025-2743
OESA-2025-2744
OESA-2025-2745
OESA-2025-2746
OESA-2025-2747
OESA-2026-1546
OPENSUSE-SU-2025:15769-1
OPENSUSE-SU-2026:20151-1
RHSA-2025:23083
RHSA-2025:23142
RHSA-2026:0432
RHSA-2026:0433
RHSA-2026:0452
RHSA-2026:0454
RHSA-2026:0483
SUSE-SU-2025:4413-1
SUSE-SU-2025:4440-1
SUSE-SU-2026:1169-1
SUSE-SU-2026:20222-1

Affected Products

Almalinux
Debian
Red Hat
Rocky Linux
Wireshark