Infinite loop in Wireshark - CVE-2026-15163
Published: July 9, 2026
Wireshark
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to an infinite loop in the MIH, MPEG DSM-CC, eDonkey, and MEGACO protocol dissectors when parsing malformed packets or crafted packet trace files. A remote attacker can inject a malformed packet onto the wire or convince a victim to open a malformed packet trace file to cause a denial of service.
User interaction is required when exploitation uses a crafted packet trace file.