Skip to main content

Wireshark EUVDEUVD-2026-26343

| CVE-2026-6536 MEDIUM
Loop with Unreachable Exit Condition (Infinite Loop) (CWE-835)
2026-04-30 GitLab
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
SUSE
MEDIUM
qualitative
Red Hat
6.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

6
Patch released
May 01, 2026 - 18:16 nvd
Patch available
Patch available
Apr 30, 2026 - 08:16 EUVD
Analysis Generated
Apr 30, 2026 - 06:47 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 06:30 euvd
EUVD-2026-26343
Analysis Generated
Apr 30, 2026 - 06:30 vuln.today
CVE Published
Apr 30, 2026 - 05:36 nvd
MEDIUM 5.5

DescriptionCVE.org

DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4

AnalysisAI

Wireshark versions 4.6.0 through 4.6.4 contain an infinite loop vulnerability in the DLMS/COSEM protocol dissector that causes denial of service when processing malformed packets. A local attacker with user privileges can trigger the infinite loop by opening a crafted DLMS/COSEM packet capture file, freezing the application and rendering it unresponsive without requiring authentication or special configuration.

Technical ContextAI

The DLMS/COSEM (Device Language Message Specification / Companion Specification for Energy Metering) protocol dissector in Wireshark is responsible for parsing and displaying DLMS/COSEM network traffic. The vulnerability is classified as CWE-835 (Infinite Loop), indicating that the dissector enters an unbounded loop when processing certain malformed packet structures, likely due to improper bounds checking or termination conditions in the packet parsing logic. The affected versions span the 4.6.x release branch, suggesting the vulnerability was introduced or persisted across multiple minor updates in that series.

RemediationAI

Upgrade Wireshark to version 4.6.5 or later, which contains the fix for the infinite loop vulnerability in the DLMS/COSEM dissector. Until patching is feasible, users should avoid opening or processing untrusted DLMS/COSEM packet capture files (.pcap, .pcapng) from unknown sources. If analysis of potentially malicious captures is necessary, conduct it in an isolated virtual machine or sandbox environment where application hang is tolerable. The Wireshark Foundation advisory at https://www.wireshark.org/security/wnpa-sec-2026-25.html and GitLab issue at https://gitlab.com/wireshark/wireshark/-/issues/21065 provide additional context and may include interim workarounds.

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Basesystem 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed

Share

EUVD-2026-26343 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy