Skip to main content

Wireshark EUVDEUVD-2026-26330

| CVE-2026-6522 MEDIUM
Loop with Unreachable Exit Condition (Infinite Loop) (CWE-835)
2026-04-30 GitLab
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
6.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
May 01, 2026 - 19:27 nvd
Patch available
Patch available
Apr 30, 2026 - 08:16 EUVD
Analysis Generated
Apr 30, 2026 - 06:45 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 06:30 euvd
EUVD-2026-26330
Analysis Generated
Apr 30, 2026 - 06:30 vuln.today
CVE Published
Apr 30, 2026 - 05:33 nvd
MEDIUM 5.5

DescriptionCVE.org

RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

AnalysisAI

Infinite loop in the RPKI-Router protocol dissector in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 causes denial of service when processing malformed packets. Local attackers with user privileges can trigger the vulnerability through crafted network traffic or pcap files opened in Wireshark, rendering the application unresponsive. No authentication required; user interaction (opening a file or capturing packets) is necessary. No public exploit code or active exploitation in CISA KEV identified at time of analysis.

Technical ContextAI

The vulnerability exists in Wireshark's dissector for the RPKI-Router protocol (RFC 6810, commonly used for securing BGP route origins). Dissectors are protocol parsers that decode captured network traffic. The RPKI-Router dissector contains an infinite loop triggered by malformed packet structure, likely in packet length validation or state machine logic. CWE-835 (Infinite Loop) indicates the dissector fails to properly terminate its parsing routine when encountering unexpected packet conditions. The vulnerability is confined to the protocol dissector layer and does not affect Wireshark's core packet capture or GUI logic; only users who process packets of the affected protocol are at risk.

RemediationAI

Upgrade Wireshark to version 4.6.5 or later for the 4.6.x branch, or to 4.4.15 or later for the 4.4.x branch. Binary installers and source code are available from https://www.wireshark.org/. For users unable to patch immediately, restrict processing of untrusted pcap files or disable RPKI-Router dissector via Wireshark's protocol preferences (Analyze → Enabled Protocols, uncheck 'RPKI_Router'). This mitigation avoids the infinite loop at the cost of inability to inspect RPKI-Router traffic. Security teams should prioritize patching for analysts who regularly handle BGP-related captures; standard web traffic analysis users can defer patching with lower risk. See vendor security advisory https://www.wireshark.org/security/wnpa-sec-2026-42.html for detailed release notes.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed

Share

EUVD-2026-26330 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy