Skip to main content

Wireshark CVE-2026-6519

| EUVDEUVD-2026-26327 MEDIUM
Loop with Unreachable Exit Condition (Infinite Loop) (CWE-835)
2026-04-30 GitLab
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
6.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
May 01, 2026 - 16:41 nvd
Patch available
Patch available
Apr 30, 2026 - 08:16 EUVD
Analysis Generated
Apr 30, 2026 - 06:45 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 06:30 euvd
EUVD-2026-26327
Analysis Generated
Apr 30, 2026 - 06:30 vuln.today
CVE Published
Apr 30, 2026 - 05:33 nvd
MEDIUM 5.5

DescriptionCVE.org

MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

AnalysisAI

Infinite loop in the MBIM protocol dissector of Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 causes denial of service when processing specially crafted MBIM packets. A local user with normal privileges can trigger the infinite loop via user interaction (opening a malicious packet capture file), causing the application to hang and become unresponsive. No code execution or data access is possible; impact is strictly availability.

Technical ContextAI

The MBIM (Mobile Broadband Interface Model) protocol dissector in Wireshark is responsible for parsing MBIM packets in network traffic captures. An improper loop condition (CWE-835: Infinite Loop) in the dissector parsing logic fails to terminate correctly when processing certain packet structures. This vulnerability affects the packet analysis layer of Wireshark, a widely deployed network protocol analyzer used by security professionals, system administrators, and researchers to inspect packet captures. The issue is triggered during the packet dissection phase when a user opens a capture file containing the malicious MBIM packet.

RemediationAI

Upgrade to patched versions immediately: Wireshark 4.6.5 or later for the 4.6.x branch, or Wireshark 4.4.15 or later for the 4.4.x branch. These versions contain a fix to the MBIM dissector loop condition that eliminates the infinite loop. Users unable to upgrade immediately should apply these mitigations: (1) disable or remove the MBIM protocol dissector via Wireshark's dissector configuration if MBIM packet analysis is not required (trades full packet visibility for stability), (2) process untrusted .pcap files in an isolated or sandboxed environment separate from production systems (contains blast radius but adds operational complexity), (3) filter or pre-process MBIM traffic before opening in Wireshark using tcpdump or similar tools to strip MBIM packets (effective if MBIM is not the primary analysis target). Consult WNPA-SEC-2026-41 for platform-specific patch distribution and advisory details.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed

Share

CVE-2026-6519 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy