SB2026040287 - SUSE update for wireshark

Main Vulnerability Database SB2026040287

SB2026040287 - SUSE update for wireshark

Published: April 2, 2026

Security Bulletin ID SB2026040287

Severity

Medium

Patch available

YES

Number of vulnerabilities 18

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 18 secuirty vulnerabilities.

1) Infinite loop (CVE-ID: CVE-2024-11595)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the FiveCo RAP dissector. A remote attacker can consume all available system resources and cause denial of service conditions.

2) Input validation error (CVE-ID: CVE-2024-11596)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the ECMP dissector. A remote attacker can send specially crafted traffic to the application and perform a denial of service (DoS) attack.

3) Input validation error (CVE-ID: CVE-2024-9780)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in ITS dissector. A remote attacker can pass send crafted packets to the application and perform a denial of service (DoS) attack.

4) Input validation error (CVE-ID: CVE-2024-9781)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the AppleTalk and RELOAD Framing dissectors. A remote attacker can pass send crafted packets to the application and perform a denial of service (DoS) attack.

5) Input validation error (CVE-ID: CVE-2025-13499)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the Kafka dissector. A remote attacker can trick a victim to read a malformed packet trace file and perform a denial of service (DoS) attack.

6) Input validation error (CVE-ID: CVE-2025-13674)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the BPv7 dissector. A remote attacker can trick a victim to read a malformed packet trace file and perform a denial of service (DoS) attack.

7) Input validation error (CVE-ID: CVE-2025-13945)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in HTTP3 dissector when decrypting traffic using a keylog file or loading a capture file that contains decryption secrets. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

8) Infinite loop (CVE-ID: CVE-2025-13946)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the MEGACO dissector. A remote attacker can send specially crafted data over the network, consume all available system resources and cause denial of service conditions.

9) Input validation error (CVE-ID: CVE-2025-1492)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within Bundle Protocol and CBOR dissectors. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

10) Input validation error (CVE-ID: CVE-2025-5601)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the column utility module within the Dissection engine. A remote attacker can pass specially crafted traffic to the application and perform a denial of service (DoS) attack.

11) Input validation error (CVE-ID: CVE-2025-9817)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the SSH dissector. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

12) Input validation error (CVE-ID: CVE-2026-0959)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in IEEE 802.11 dissector. A remote attacker can send specially crafted input via the network monitored with Wireshark and perform a denial of service (DoS) attack.

13) Infinite loop (CVE-ID: CVE-2026-0960)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in HTTP3 dissector. A remote attacker can consume all available system resources and cause denial of service conditions.

14) Input validation error (CVE-ID: CVE-2026-0961)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in BLF file parser. A remote attacker can send specially crafted input via the network monitored with Wireshark and perform a denial of service (DoS) attack.

15) Input validation error (CVE-ID: CVE-2026-0962)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in SOME/IP-SD dissector. A remote attacker can send specially crafted input via the network monitored with Wireshark and perform a denial of service (DoS) attack.

16) Uncontrolled Memory Allocation (CVE-ID: CVE-2026-3201)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to USB HID protocol dissector memory exhaustion. A remote attacker can trick a victim to open a specially crafted packet trace file and cause a denial of service (DoS) condition on the target system.

17) NULL pointer dereference (CVE-ID: CVE-2026-3202)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the NTS-KE protocol dissector. A remote attacker can trick a victim to open a specially crafted packet trace file and perform a denial of service (DoS) attack.

18) Out-of-bounds read (CVE-ID: CVE-2026-3203)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the RF4CE Profile protocol dissector. A remote attacker can create a specially crafted packet trace file, trick the victim into opening it, trigger an out-of-bounds read error and cause a denial of service condition on the system.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2026/suse-su-20261169-1/

Vulnerable Software

Server Applications Module: 15-SP7
Basesystem Module: 15-SP7
Desktop Applications Module: 15-SP7
SUSE Linux Enterprise Real Time 15: SP7
SUSE Linux Enterprise Server for SAP Applications 15: SP7
SUSE Linux Enterprise Server 15: SP7
SUSE Linux Enterprise Desktop 15: SP7
libvirt-daemon-driver-libxl: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-libxl-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-xen: before 11.0.0-150700.4.19.1
libvirt-doc: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-rbd-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-rbd: before 11.0.0-150700.4.19.1
libvirt-daemon: before 11.0.0-150700.4.19.1
libvirt-daemon-plugin-sanlock: before 11.0.0-150700.4.19.1
libvirt-client-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-qemu-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-common-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage: before 11.0.0-150700.4.19.1
libvirt-daemon-log: before 11.0.0-150700.4.19.1
libvirt-daemon-hooks: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-network: before 11.0.0-150700.4.19.1
libvirt-daemon-proxy-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-iscsi-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-common: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-interface: before 11.0.0-150700.4.19.1
libvirt-daemon-qemu: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-iscsi: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-scsi-debuginfo: before 11.0.0-150700.4.19.1
libvirt-client-qemu: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-logical-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-nodedev-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-plugin-sanlock-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-disk: before 11.0.0-150700.4.19.1
libvirt-daemon-plugin-lockd-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-interface-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-config-network: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-network-debuginfo: before 11.0.0-150700.4.19.1
libvirt-devel: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-mpath-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-scsi: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-nwfilter: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-logical: before 11.0.0-150700.4.19.1
libvirt-daemon-log-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-plugin-lockd: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-iscsi-direct-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-disk-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-qemu: before 11.0.0-150700.4.19.1
libvirt-nss-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-secret: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-nodedev: before 11.0.0-150700.4.19.1
libvirt-daemon-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-iscsi-direct: before 11.0.0-150700.4.19.1
libvirt-daemon-lock: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-core-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-secret-debuginfo: before 11.0.0-150700.4.19.1
libvirt: before 11.0.0-150700.4.19.1
libvirt-client: before 11.0.0-150700.4.19.1
libvirt-nss: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-mpath: before 11.0.0-150700.4.19.1
libvirt-daemon-lock-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-proxy: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-nwfilter-debuginfo: before 11.0.0-150700.4.19.1
libvirt-daemon-config-nwfilter: before 11.0.0-150700.4.19.1
libvirt-daemon-driver-storage-core: before 11.0.0-150700.4.19.1
wireshark-devel: before 4.6.4-150700.21.8.1
wireshark-ui-qt-debuginfo: before 4.6.4-150700.21.8.1
wireshark-ui-qt: before 4.6.4-150700.21.8.1
libwsutil17: before 4.6.4-150700.21.8.1
libwireshark19-debuginfo: before 4.6.4-150700.21.8.1
wireshark-debuginfo: before 4.6.4-150700.21.8.1
libvirt-debugsource: before 11.0.0-150700.4.19.1
libvirt-libs: before 11.0.0-150700.4.19.1
libwireshark19: before 4.6.4-150700.21.8.1
libvirt-libs-debuginfo: before 11.0.0-150700.4.19.1
libwiretap16: before 4.6.4-150700.21.8.1
wireshark: before 4.6.4-150700.21.8.1
libwiretap16-debuginfo: before 4.6.4-150700.21.8.1
wireshark-debugsource: before 4.6.4-150700.21.8.1
libwsutil17-debuginfo: before 4.6.4-150700.21.8.1