What is Wireshark?
Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.
What’s New
This release fixes a forward compatibility issue with the I/O Graphs preferences.
Bug Fixes
The following vulnerabilities have been fixed:
-
wnpa-sec-2021-07 Bluetooth DHT dissector crash. Issue 17651. CVE-2021-39929.
-
wnpa-sec-2021-08 Bluetooth HCI_ISO dissector crash. Issue 17649. CVE-2021-39926.
-
wnpa-sec-2021-09 Bluetooth SDP dissector crash. Issue 17635. CVE-2021-39925.
-
wnpa-sec-2021-10 Bluetooth DHT dissector large loop. Issue 17677. CVE-2021-39924.
-
wnpa-sec-2021-11 PNRP dissector large loop. Issue 17684.
-
wnpa-sec-2021-12 C12.22 dissector crash. Issue 17636. CVE-2021-39922.
-
wnpa-sec-2021-13 IEEE 802.11 dissector crash. Issue 17704. CVE-2021-39928.
-
wnpa-sec-2021-14 Modbus dissector crash. Issue 17703. CVE-2021-39921.
-
wnpa-sec-2021-15 IPPUSB dissector crash. Issue 17705. CVE-2021-39920.
The following bugs have been fixed:
-
OSS-Fuzz: Heap-use-after-free in ROS Issue 16342.
-
Allow for '\0' (NULL) character as filter instead of requiring 0x00 for the character match Issue 16525.
-
Dumpcap with threads reports double received count vs captured Issue 17089.
-
I/O Graphs values reset to default with 3.5 due to change of UAT Issue 17623.
-
HTTP2 dissector reports an assertion error on large data frames Issue 17633.
-
TShark stops capturing when capturing with multiple files and packet printing enabled Issue 17654.
-
Wireshark is unable to decode the IMSI IE received in BSSMAP Perform Location request Issue 17667.
-
WSLUA: Crash on reload if Proto has no fields Issue 17668.
-
Crash in flow analysis for TCP Issue 17722.
New and Updated Features
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
BT HCI_ISO, BT SDP, BT-DHT, C12.22, CAN FD, CSN1, EAPOL-MKA, EVS, GSM BSSMAP LE, HTTP2, IDMP, IEEE 1905.1a, IEEE 802.11, IPPUSB, Modbus, PNRP, and TCP
New and Updated Capture File Support
pcap
Getting Wireshark
Wireshark source code and installation packages are available from https://www.wireshark.org/download.html.
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
File Locations
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About → Folders to find the default locations on your system.
Getting Help
The User’s Guide, manual pages and various other documentation can be found at https://www.wireshark.org/docs/
Community support is available on Wireshark’s Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site.
Issues and feature requests can be reported on the issue tracker.
Frequently Asked Questions
A complete FAQ is available on the Wireshark web site.