Skip to main content

Wireshark CVE-2026-6525

| EUVDEUVD-2026-26785 MEDIUM
NULL Pointer Dereference (CWE-476)
2026-05-02 GitLab
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
May 04, 2026 - 16:16 nvd
Patch available
Patch available
May 02, 2026 - 13:01 EUVD
Analysis Generated
May 02, 2026 - 12:32 vuln.today
EUVD ID Assigned
May 02, 2026 - 12:00 euvd
EUVD-2026-26785
Analysis Generated
May 02, 2026 - 12:00 vuln.today
CVE Published
May 02, 2026 - 11:33 nvd
MEDIUM 5.5

DescriptionCVE.org

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4

AnalysisAI

Wireshark 4.6.0 through 4.6.4 crashes when processing malformed IEEE 802.11 frames due to a null pointer dereference in the protocol dissector. An attacker can trigger denial of service by crafting or replaying a specially malformed wireless packet that causes the dissector to crash when analyzed, rendering packet analysis impossible until the application restarts. CVSS score 5.5 reflects local attack vector with user interaction required; no public exploit code has been identified at time of analysis.

Technical ContextAI

The IEEE 802.11 protocol dissector in Wireshark parses wireless frames captured from network interfaces or pcap files. A null pointer dereference (CWE-476) occurs when the dissector attempts to access memory through an uninitialized or null pointer without validation. This flaw is specific to the 802.11 frame parsing logic in affected versions and is triggered by malformed frame structures that bypass existing validation checks, allowing crafted packets to dereference null pointers and crash the dissector process.

RemediationAI

Upgrade to Wireshark 4.6.5 or later, which resolves the null pointer dereference in the 802.11 dissector (exact patched version not specified in available data; consult https://www.wireshark.org/security/wnpa-sec-2026-36.html for confirmation). Until patching is possible, avoid opening untrusted pcap files or pcap files from untrusted network sources in Wireshark. Alternatively, disable IEEE 802.11 protocol dissection in Wireshark preferences (Protocols → 802.11) if 802.11 frame analysis is not required for your workflow; this prevents the dissector from running but limits wireless packet inspection capability. For automated pcap processing pipelines, add input validation to reject malformed 802.11 frames before passing to Wireshark, or use alternative packet analysis tools without the vulnerable 802.11 dissector logic until Wireshark is patched.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed

Share

CVE-2026-6525 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy