What is Wireshark?
Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.
What’s New
We do not ship official 32-bit Windows packages for Wireshark 4.0 and later. If you need to use Wireshark on that platform, we recommend using the latest 3.6 release. Issue 17779
Bug Fixes
The following vulnerabilities have been fixed:
-
wnpa-sec-2024-07 MONGO and ZigBee TLV dissector infinite loops. Issue 19726. CVE-2024-4854.
-
wnpa-sec-2024-08 The editcap command line utility could crash when chopping bytes from the beginning of a packet. Issue 19724. CVE-2024-4853.
-
wnpa-sec-2024-09 The editcap command line utility could crash when injecting secrets while writing multiple files. Issue 19782. CVE-2024-4855.
The following bugs have been fixed:
-
Flow Graph scrolls in the wrong direction vertically when pressing Up/Down. Issue 12932.
-
TCP Stream Window Scaling not working in version 2.6.1 and later. Issue 15016.
-
TCP stream graphs (Window scaling) axis display is confusing. Issue 17425.
-
LUA get_dissector does not give the correct dissector under 32-bit version. Issue 18367.
-
Lua: Segfault when registering a field or expert info twice. Issue 19194.
-
SSH can not decrypt when KEX is [email protected]. Issue 19240.
-
Win64 4.1.0rc0: Crash in Capture Options after closing Manage Interfaces. Issue 19287.
-
NAS 5G message container dissection. Issue 19793.
New and Updated Features
There are no new or updated features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
5co_legacy, DOCSIS MAC MGMT, FC FZS, GQUIC, IPARS, MONGO, NAS-5GS, PTP, SSH, and TIPC
New and Updated Capture File Support
There is no new or updated capture file support in this release.
Updated File Format Decoding Support
There is no updated file format support in this release.
Prior Versions
This document only describes the changes introduced in Wireshark 4.0.15. You can find release notes for prior versions at the following locations:
Getting Wireshark
Wireshark source code and installation packages are available from https://www.wireshark.org/download.html.
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
File Locations
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform.
You can use tshark -G folders
to find the default locations on your system.
Getting Help
The User’s Guide, manual pages and various other documentation can be found at https://www.wireshark.org/docs/
Community support is available on Wireshark’s Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site.
Bugs and feature requests can be reported on the issue tracker.
You can learn protocol analysis and meet Wireshark’s developers at SharkFest.
How You Can Help
The Wireshark Foundation helps as many people as possible understand their networks as much as possible. You can find out more and donate at wiresharkfoundation.org.
Frequently Asked Questions
A complete FAQ is available on the Wireshark web site.