CVE-2021-4185: 
Wireshark vulnerability analysis and mitigation

The vulnerability CVE-2021-4185 affects the RTMPT dissector in Wireshark versions 3.6.0 and 3.4.0 to 3.4.10. This security flaw was discovered and disclosed on December 29, 2021, allowing attackers to cause a denial of service through an infinite loop condition via packet injection or crafted capture file (Wireshark Advisory, CVE Mitre).

The vulnerability exists in the RTMPT (Real Time Messaging Protocol Tunneled) dissector component of Wireshark. When processing certain malformed packets or capture files, the dissector can enter an infinite loop state, causing excessive CPU resource consumption (Wireshark Advisory).

The primary impact of this vulnerability is denial of service through excessive CPU resource consumption. When exploited, it can cause Wireshark to become unresponsive while processing malformed RTMPT packets or analyzing crafted capture files (Wireshark Advisory).

The vulnerability was fixed in Wireshark versions 3.6.1 and 3.4.11. Users are strongly recommended to upgrade to these or later versions to mitigate the risk. Various distributions have also released security updates, including Debian (DLA-2967-1), Fedora (versions 3.6.1-1.fc34 and 3.6.1-1.fc35), and Oracle in their April 2022 Critical Patch Update (Debian Advisory, Fedora Update, Oracle Advisory).