Official certification from the Wireshark Foundation is available! Learn about becoming a Wireshark Certified Analyst.

wnpa-sec-2026-04 · HTTP3 dissector infinite loop

Summary

Name: HTTP3 dissector infinite loop

Docid: wnpa-sec-2026-04

Date: Jan 14, 2026

Affected versions: 4.6.0 to 4.6.2, 4.4.0 to 4.4.12

Fixed versions: 4.6.3, 4.4.13

References:

Wireshark issue 20944.

Details

Description

The HTTP3 dissector could go into an infinite loop when decrypting traffic.

Impact

Discovered by Tom Needham. We are unaware of any exploits for this issue. It may be possible to make Wireshark consume excessive CPU resources by convincing someone to read a malformed packet trace file.

Resolution

Upgrade to Wireshark 4.6.3, 4.4.13 or later.