Skip to main content

Wireshark EUVDEUVD-2026-26325

| CVE-2026-5655 MEDIUM
Use After Free (CWE-416)
2026-04-30 GitLab
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
May 01, 2026 - 16:49 nvd
Patch available
Patch available
Apr 30, 2026 - 08:16 EUVD
Analysis Generated
Apr 30, 2026 - 06:47 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 06:30 euvd
EUVD-2026-26325
Analysis Generated
Apr 30, 2026 - 06:30 vuln.today
CVE Published
Apr 30, 2026 - 05:38 nvd
MEDIUM 5.5

DescriptionCVE.org

SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service

AnalysisAI

Denial of service in Wireshark 4.6.0 through 4.6.4 via crafted SDP protocol packets allows local attackers with user interaction to crash the application through a use-after-free memory corruption vulnerability in the SDP protocol dissector. EPSS and KEV status not available at analysis time; no public exploit code identified.

Technical ContextAI

Wireshark is a network protocol analyzer that dissects and displays captured packet data. The vulnerability exists in the SDP (Session Description Protocol) dissector component, which parses multimedia session description information typically found in SIP and multimedia sessions. The underlying root cause is CWE-416 (Use After Free), a memory safety issue where freed memory is referenced again, leading to undefined behavior including denial of service or potential code execution. The SDP dissector processes structured text-based protocol messages that describe multimedia sessions, and improper state management or reference tracking in the parser allows this memory corruption condition.

RemediationAI

Upgrade to Wireshark 4.6.5 or later, or to the next stable major release when available. Users unable to immediately patch should avoid opening untrusted or unverified packet capture files (.pcap, .pcapng) and SDP protocol streams in Wireshark until patched. If analysis of potentially malicious SDP traffic is necessary, consider running Wireshark in a sandboxed or isolated environment with reduced privileges to limit impact of a crash. Verify the patch version against the official Wireshark security advisory at https://www.wireshark.org/security/wnpa-sec-2026-19.html before deployment.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed

Share

EUVD-2026-26325 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy