Skip to main content

Wireshark CVE-2026-6527

| EUVDEUVD-2026-26334 MEDIUM
Uncontrolled Recursion (CWE-674)
2026-04-30 GitLab
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
May 01, 2026 - 19:28 nvd
Patch available
Patch available
Apr 30, 2026 - 08:16 EUVD
Analysis Generated
Apr 30, 2026 - 06:46 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 06:30 euvd
EUVD-2026-26334
Analysis Generated
Apr 30, 2026 - 06:30 vuln.today
CVE Published
Apr 30, 2026 - 05:35 nvd
MEDIUM 5.5

DescriptionCVE.org

ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

AnalysisAI

Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 crash when processing malformed ASN.1 PER protocol packets, enabling local denial of service against users opening crafted capture files. The vulnerability requires user interaction (opening a file or receiving a live packet capture) but allows an attacker to hang or crash the application without authentication. No active exploitation has been confirmed in public sources.

Technical ContextAI

The ASN.1 PER (Packed Encoding Rules) dissector in Wireshark is responsible for parsing ASN.1-encoded protocol messages in a compact binary format. The vulnerability stems from CWE-674 (Uncontrolled Recursion), which occurs when the dissector processes specially crafted ASN.1 PER payloads that trigger recursive function calls without sufficient depth limits. When a malformed packet is opened in Wireshark-either from a capture file or live network traffic-the unbounded recursion exhausts the call stack, causing immediate application termination.

RemediationAI

Upgrade Wireshark to version 4.6.5 or later (for the 4.6.x line) or 4.4.15 or later (for the 4.4.x line). The Wireshark Foundation has released patched versions addressing the uncontrolled recursion in the ASN.1 PER dissector. Users unable to upgrade immediately should avoid opening or analyzing untrusted .pcap files and disable automatic opening of capture files from email or downloads. Additionally, if Wireshark is deployed in a shared analysis environment, restrict file access permissions to prevent low-privilege users from feeding malicious captures into the application. See https://www.wireshark.org/security/wnpa-sec-2026-34.html for official patched versions and timelines.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed

Share

CVE-2026-6527 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy