Skip to main content

Wireshark EUVDEUVD-2026-26339

| CVE-2026-6532 MEDIUM
Buffer Over-read (CWE-126)
2026-04-30 GitLab
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
May 01, 2026 - 18:16 nvd
Patch available
Patch available
Apr 30, 2026 - 08:16 EUVD
Analysis Generated
Apr 30, 2026 - 06:46 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 06:30 euvd
EUVD-2026-26339
Analysis Generated
Apr 30, 2026 - 06:30 vuln.today
CVE Published
Apr 30, 2026 - 05:36 nvd
MEDIUM 5.5

DescriptionCVE.org

Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

AnalysisAI

Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 crash when processing malformed Kismet protocol packets due to a buffer overflow in the Kismet dissector, allowing unauthenticated remote denial of service via a crafted network capture file or live traffic. User interaction (opening a malicious capture file or capturing traffic) is required. No public exploit code or active exploitation has been identified at the time of analysis.

Technical ContextAI

Wireshark is a widely-used packet analysis tool that uses protocol dissectors to parse and display network traffic. The Kismet dissector is responsible for interpreting Kismet wireless sensor protocol frames. CWE-126 indicates a buffer over-read or boundary condition error in the dissector code. When the dissector encounters a malformed Kismet packet with unexpected field lengths or invalid structure, it reads beyond allocated buffer boundaries, triggering a crash. This is a classic memory safety vulnerability common in C-based parsing code where input validation is insufficient.

RemediationAI

Upgrade Wireshark to version 4.6.5 or later for the 4.6.x branch, or to 4.4.15 or later for the 4.4.x branch. These patched versions include bounds checking and input validation improvements in the Kismet dissector. Users unable to upgrade immediately should avoid opening untrusted packet capture (.pcap, .pcapng) files from unknown sources and disable live packet capture in untrusted network environments. For persistent users of older versions, the primary mitigation is process isolation: run Wireshark in a sandbox or as an unprivileged user to limit the scope of a crash to that isolated context. Patch information and fixed versions are documented in https://www.wireshark.org/security/wnpa-sec-2026-29.html.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed

Share

EUVD-2026-26339 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy