OESA-2026-2225
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2225
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2026-2225.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2026-2225
- Upstream
- Published
- 2026-05-09T12:31:33Z
- Modified
- 2026-05-09T12:50:01.969859Z
- Summary
- wireshark security update
- Details
-
Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer.
Security Fix(es):
ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5299)
AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5401)
SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution(CVE-2026-5403)
K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5404)
RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution(CVE-2026-5405)
FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5406)
SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5407)
BT-DHT protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5408)
Monero protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5409)
DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5653)
AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5654)
Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution(CVE-2026-5656)
iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-5657)
MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6519)
OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6520)
OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6521)
RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6522)
GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6523)
MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6524)
ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6527)
iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6529)
DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6530)
SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6531)
Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6532)
Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6533)
USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6534)
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6535)
ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6537)
BEEP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6538)
SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6867)
HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6868)
WebSocket protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6869)
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-6870)
UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-7375)
Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-7376)
Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-7378)
Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service(CVE-2026-7379)
- Database specific
{ "severity": "High" }- References
-
- https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2225
- https://nvd.nist.gov/vuln/detail/CVE-2026-5299
- https://nvd.nist.gov/vuln/detail/CVE-2026-5401
- https://nvd.nist.gov/vuln/detail/CVE-2026-5403
- https://nvd.nist.gov/vuln/detail/CVE-2026-5404
- https://nvd.nist.gov/vuln/detail/CVE-2026-5405
- https://nvd.nist.gov/vuln/detail/CVE-2026-5406
- https://nvd.nist.gov/vuln/detail/CVE-2026-5407
- https://nvd.nist.gov/vuln/detail/CVE-2026-5408
- https://nvd.nist.gov/vuln/detail/CVE-2026-5409
- https://nvd.nist.gov/vuln/detail/CVE-2026-5653
- https://nvd.nist.gov/vuln/detail/CVE-2026-5654
- https://nvd.nist.gov/vuln/detail/CVE-2026-5656
- https://nvd.nist.gov/vuln/detail/CVE-2026-5657
- https://nvd.nist.gov/vuln/detail/CVE-2026-6519
- https://nvd.nist.gov/vuln/detail/CVE-2026-6520
- https://nvd.nist.gov/vuln/detail/CVE-2026-6521
- https://nvd.nist.gov/vuln/detail/CVE-2026-6522
- https://nvd.nist.gov/vuln/detail/CVE-2026-6523
- https://nvd.nist.gov/vuln/detail/CVE-2026-6524
- https://nvd.nist.gov/vuln/detail/CVE-2026-6527
- https://nvd.nist.gov/vuln/detail/CVE-2026-6529
- https://nvd.nist.gov/vuln/detail/CVE-2026-6530
- https://nvd.nist.gov/vuln/detail/CVE-2026-6531
- https://nvd.nist.gov/vuln/detail/CVE-2026-6532
- https://nvd.nist.gov/vuln/detail/CVE-2026-6533
- https://nvd.nist.gov/vuln/detail/CVE-2026-6534
- https://nvd.nist.gov/vuln/detail/CVE-2026-6535
- https://nvd.nist.gov/vuln/detail/CVE-2026-6537
- https://nvd.nist.gov/vuln/detail/CVE-2026-6538
- https://nvd.nist.gov/vuln/detail/CVE-2026-6867
- https://nvd.nist.gov/vuln/detail/CVE-2026-6868
- https://nvd.nist.gov/vuln/detail/CVE-2026-6869
- https://nvd.nist.gov/vuln/detail/CVE-2026-6870
- https://nvd.nist.gov/vuln/detail/CVE-2026-7375
- https://nvd.nist.gov/vuln/detail/CVE-2026-7376
- https://nvd.nist.gov/vuln/detail/CVE-2026-7378
- https://nvd.nist.gov/vuln/detail/CVE-2026-7379
Affected packages
openEuler:24.03-LTS-SP3 / wireshark
Package
- Name
- wireshark
- Purl
- pkg:rpm/openEuler/wireshark&distro=openEuler-24.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.15-1.oe2403sp3
Ecosystem specific
{
"x86_64": [
"wireshark-4.4.15-1.oe2403sp3.x86_64.rpm",
"wireshark-debuginfo-4.4.15-1.oe2403sp3.x86_64.rpm",
"wireshark-debugsource-4.4.15-1.oe2403sp3.x86_64.rpm",
"wireshark-devel-4.4.15-1.oe2403sp3.x86_64.rpm"
],
"src": [
"wireshark-4.4.15-1.oe2403sp3.src.rpm"
],
"noarch": [
"wireshark-help-4.4.15-1.oe2403sp3.noarch.rpm"
],
"aarch64": [
"wireshark-4.4.15-1.oe2403sp3.aarch64.rpm",
"wireshark-debuginfo-4.4.15-1.oe2403sp3.aarch64.rpm",
"wireshark-debugsource-4.4.15-1.oe2403sp3.aarch64.rpm",
"wireshark-devel-4.4.15-1.oe2403sp3.aarch64.rpm"
]
}