
Wireshark 4.4.9 Released With Critical Bug Fixes and Protocol Updates

The Wireshark Foundation today announced the release of Wireshark 4.4.9, delivering critical stability improvements and updates to its protocol dissectors.

This incremental release, the ninth maintenance update in the 4.4 series, addresses a high-priority security issue and resolves multiple decoder flaws affecting enterprise and academic users alike.

Key Security and Stability Fix

The release fixes a vulnerability in the SSH dissector that could lead to application crashes when parsing certain malformed packets.

Tracked as wnpa-sec-2025-03 and internally logged as Issue 20642, this patch closes an exploitable crash condition, ensuring safer analysis of encrypted sessions.

Beyond the SSH hardening, Wireshark 4.4.9 resolves six additional bugs spanning diverse protocol support:

  • Corrected the RDM Product Detail List ID parsing to prevent misidentification of device parameters (Issue 20612).
  • Repaired SCCP LUDT segmentation, which previously failed to decode segmented Call Control messages (Issue 20647).
  • Ensured Ciscodump capture initialization succeeds on Cisco IOS platforms (Issue 20655).
  • Restored visibility of closing context tag 1 in BACnet WritePropertyMultiple operations (Issue 20665).
  • Fixed an LZ77 decompression error where the length field was incorrectly read as 16 bits instead of 32 bits (Issue 20671).

These corrections enhance the fidelity of packet dissection and prevent unexpected shutdowns during analysis of building automation, telecom, and storage management traffic.

While no new protocols are introduced in this release, Wireshark now ships with improved dissector logic for several existing protocols:

  • BACapp (Building Automation and Control)
  • LIN (Local Interconnect Network)
  • MySQL database traffic
  • RDM (Remote Device Management)
  • SABP (Storage Array Benchmarking Protocol)
  • SCCP (Signaling Connection Control Part)
  • sFlow (Sampled Flow)
  • SSH (Secure Shell)

These updates refine decoding accuracy, correct field offsets, and bolster support for edge-case payload formats, ensuring researchers and network engineers can rely on Wireshark for precise protocol analysis.

No new capture file formats have been added, and there are no updates to file format decoding in this maintenance release.

Users requiring analysis of emerging capture formats should track upcoming milestone releases.

Wireshark 4.4.9 packages are immediately available for Windows, macOS, and major Linux distributions.

Users of previous 4.4.x versions are encouraged to upgrade promptly to benefit from these critical fixes. For complete details, consult the official release notes at wireshark.org/docs/relnotes/wireshark-4.4.9.html.
