Security update for wireshark

Announcement ID:	SUSE-SU-2026:21559-1
Release Date:	2026-05-06T00:08:30Z
Rating:	important
References:	bsc#1258907 bsc#1258909 bsc#1263726 bsc#1263728 bsc#1263729 bsc#1263731 bsc#1263732 bsc#1263733 bsc#1263734 bsc#1263735 bsc#1263736 bsc#1263737 bsc#1263739 bsc#1263741 bsc#1263742 bsc#1263743 bsc#1263744 bsc#1263745 bsc#1263746 bsc#1263747 bsc#1263749 bsc#1263750 bsc#1263751 bsc#1263752 bsc#1263753 bsc#1263754 bsc#1263756 bsc#1263757 bsc#1263762 bsc#1263765 bsc#1263766 bsc#1263767 bsc#1263809
Cross-References:	CVE-2026-3201 CVE-2026-3203 CVE-2026-5299 CVE-2026-5401 CVE-2026-5403 CVE-2026-5404 CVE-2026-5405 CVE-2026-5406 CVE-2026-5407 CVE-2026-5408 CVE-2026-5409 CVE-2026-5653 CVE-2026-5654 CVE-2026-5656 CVE-2026-5657 CVE-2026-6519 CVE-2026-6520 CVE-2026-6521 CVE-2026-6522 CVE-2026-6523 CVE-2026-6524 CVE-2026-6527 CVE-2026-6529 CVE-2026-6530 CVE-2026-6531 CVE-2026-6532 CVE-2026-6533 CVE-2026-6534 CVE-2026-6535 CVE-2026-6537 CVE-2026-6538 CVE-2026-6868 CVE-2026-6869
CVSS scores:	CVE-2026-3201 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2026-3201 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-3201 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-3201 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-3203 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2026-3203 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-3203 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-3203 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5299 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5299 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5401 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5401 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-5404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5404 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5405 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-5405 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-5406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5406 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5407 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5407 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5408 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5408 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5409 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5653 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5653 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5653 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-5654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5654 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5654 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-5656 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-5656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-5656 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-5657 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5657 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-5657 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-6519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6519 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-6519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6520 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-6521 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6521 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6522 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6522 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6523 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6524 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6527 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6527 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6529 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6530 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6531 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6532 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6533 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6533 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6534 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6534 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6535 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6535 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6537 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6537 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6538 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6538 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-6869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2026-6869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:	SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves 33 vulnerabilities can now be installed.

Description:

This update for wireshark fixes the following issues

• CVE-2026-3201: missing limit checks in USB HID protocol dissector's parse_report_descriptor function can lead to memory exhaustion (bsc#1258907).
• CVE-2026-3203: missing length checks in the RF4CE Profile protocol dissector can lead to illegal memory access and crash (bsc#1258909).
• CVE-2026-5299: ICMPv6 dissector crash (bsc#1263757).
• CVE-2026-5401: AFP dissector crash (bsc#1263756).
• CVE-2026-5403: SBC audio codec crash (bsc#1263765).
• CVE-2026-5404: K12 RF5 file parser crash (bsc#1263766).
• CVE-2026-5405: RDP dissector crash (bsc#1263767).
• CVE-2026-5406: FC-SWILS dissector crash (bsc#1263754).
• CVE-2026-5407: SMB2 dissector infinite loop (bsc#1263753).
• CVE-2026-5408: BT-DHT dissector crash (bsc#1263752).
• CVE-2026-5409: Monero dissector crash (bsc#1263751).
• CVE-2026-5653: DCP-ETSI dissector crash (bsc#1263750).
• CVE-2026-5654: AMR-NB audio codec crash (bsc#1263749).
• CVE-2026-5656: Profile import crash and possible code execution (bsc#1263809).
• CVE-2026-5657: iLBC audio codec crash (bsc#1263747).
• CVE-2026-6519: MBIM protocol dissector infinite loop (bsc#1263746).
• CVE-2026-6520: OpenFlow v6 protocol dissector infinite loop (bsc#1263745).
• CVE-2026-6521: OpenFlow v5 protocol dissector infinite loops (bsc#1263744).
• CVE-2026-6522: RPKI-Router protocol dissector infinite loop (bsc#1263743).
• CVE-2026-6523: GNW protocol dissector infinite loop (bsc#1263742).
• CVE-2026-6524: MySQL protocol dissector crash (bsc#1263741).
• CVE-2026-6527: ASN.1 PER dissector crash (bsc#1263739).
• CVE-2026-6529: iLBC audio codec crash (bsc#1263737).
• CVE-2026-6530: DCP-ETSI protocol dissector crash (bsc#1263736).
• CVE-2026-6531: SANE protocol dissector infinite loop (bsc#1263735).
• CVE-2026-6532: Kismet protocol dissector crash (bsc#1263734).
• CVE-2026-6533: Dissection engine LZ77 decompression crash (bsc#1263733).
• CVE-2026-6534: USB HID dissector infinite loop (bsc#1263732).
• CVE-2026-6535: Dissection engine zlib decompression crash (bsc#1263731).
• CVE-2026-6537: ZigBee dissector crash (bsc#1263729).
• CVE-2026-6538: BEEP dissector crash (bsc#1263728).
• CVE-2026-6868: HTTP protocol dissector crash (bsc#1263762).
• CVE-2026-6869: WebSocket protocol dissector crash (bsc#1263726).

Changes for wireshark:

• Updated to 4.4.15

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-702=1
• SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-702=1

Package List:

• SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  • libwsutil16-debuginfo-4.4.15-160000.1.1
  • wireshark-debuginfo-4.4.15-160000.1.1
  • libwiretap15-debuginfo-4.4.15-160000.1.1
  • wireshark-debugsource-4.4.15-160000.1.1
  • wireshark-ui-qt-4.4.15-160000.1.1
  • libwireshark18-debuginfo-4.4.15-160000.1.1
  • libwsutil16-4.4.15-160000.1.1
  • libwireshark18-4.4.15-160000.1.1
  • wireshark-ui-qt-debuginfo-4.4.15-160000.1.1
  • wireshark-devel-4.4.15-160000.1.1
  • libwiretap15-4.4.15-160000.1.1
  • wireshark-4.4.15-160000.1.1
• SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  • libwsutil16-debuginfo-4.4.15-160000.1.1
  • wireshark-debuginfo-4.4.15-160000.1.1
  • libwiretap15-debuginfo-4.4.15-160000.1.1
  • wireshark-debugsource-4.4.15-160000.1.1
  • wireshark-ui-qt-4.4.15-160000.1.1
  • libwireshark18-debuginfo-4.4.15-160000.1.1
  • libwsutil16-4.4.15-160000.1.1
  • libwireshark18-4.4.15-160000.1.1
  • wireshark-ui-qt-debuginfo-4.4.15-160000.1.1
  • wireshark-devel-4.4.15-160000.1.1
  • libwiretap15-4.4.15-160000.1.1
  • wireshark-4.4.15-160000.1.1

References:

• https://www.suse.com/security/cve/CVE-2026-3201.html
• https://www.suse.com/security/cve/CVE-2026-3203.html
• https://www.suse.com/security/cve/CVE-2026-5299.html
• https://www.suse.com/security/cve/CVE-2026-5401.html
• https://www.suse.com/security/cve/CVE-2026-5403.html
• https://www.suse.com/security/cve/CVE-2026-5404.html
• https://www.suse.com/security/cve/CVE-2026-5405.html
• https://www.suse.com/security/cve/CVE-2026-5406.html
• https://www.suse.com/security/cve/CVE-2026-5407.html
• https://www.suse.com/security/cve/CVE-2026-5408.html
• https://www.suse.com/security/cve/CVE-2026-5409.html
• https://www.suse.com/security/cve/CVE-2026-5653.html
• https://www.suse.com/security/cve/CVE-2026-5654.html
• https://www.suse.com/security/cve/CVE-2026-5656.html
• https://www.suse.com/security/cve/CVE-2026-5657.html
• https://www.suse.com/security/cve/CVE-2026-6519.html
• https://www.suse.com/security/cve/CVE-2026-6520.html
• https://www.suse.com/security/cve/CVE-2026-6521.html
• https://www.suse.com/security/cve/CVE-2026-6522.html
• https://www.suse.com/security/cve/CVE-2026-6523.html
• https://www.suse.com/security/cve/CVE-2026-6524.html
• https://www.suse.com/security/cve/CVE-2026-6527.html
• https://www.suse.com/security/cve/CVE-2026-6529.html
• https://www.suse.com/security/cve/CVE-2026-6530.html
• https://www.suse.com/security/cve/CVE-2026-6531.html
• https://www.suse.com/security/cve/CVE-2026-6532.html
• https://www.suse.com/security/cve/CVE-2026-6533.html
• https://www.suse.com/security/cve/CVE-2026-6534.html
• https://www.suse.com/security/cve/CVE-2026-6535.html
• https://www.suse.com/security/cve/CVE-2026-6537.html
• https://www.suse.com/security/cve/CVE-2026-6538.html
• https://www.suse.com/security/cve/CVE-2026-6868.html
• https://www.suse.com/security/cve/CVE-2026-6869.html
• https://bugzilla.suse.com/show_bug.cgi?id=1258907
• https://bugzilla.suse.com/show_bug.cgi?id=1258909
• https://bugzilla.suse.com/show_bug.cgi?id=1263726
• https://bugzilla.suse.com/show_bug.cgi?id=1263728
• https://bugzilla.suse.com/show_bug.cgi?id=1263729
• https://bugzilla.suse.com/show_bug.cgi?id=1263731
• https://bugzilla.suse.com/show_bug.cgi?id=1263732
• https://bugzilla.suse.com/show_bug.cgi?id=1263733
• https://bugzilla.suse.com/show_bug.cgi?id=1263734
• https://bugzilla.suse.com/show_bug.cgi?id=1263735
• https://bugzilla.suse.com/show_bug.cgi?id=1263736
• https://bugzilla.suse.com/show_bug.cgi?id=1263737
• https://bugzilla.suse.com/show_bug.cgi?id=1263739
• https://bugzilla.suse.com/show_bug.cgi?id=1263741
• https://bugzilla.suse.com/show_bug.cgi?id=1263742
• https://bugzilla.suse.com/show_bug.cgi?id=1263743
• https://bugzilla.suse.com/show_bug.cgi?id=1263744
• https://bugzilla.suse.com/show_bug.cgi?id=1263745
• https://bugzilla.suse.com/show_bug.cgi?id=1263746
• https://bugzilla.suse.com/show_bug.cgi?id=1263747
• https://bugzilla.suse.com/show_bug.cgi?id=1263749
• https://bugzilla.suse.com/show_bug.cgi?id=1263750
• https://bugzilla.suse.com/show_bug.cgi?id=1263751
• https://bugzilla.suse.com/show_bug.cgi?id=1263752
• https://bugzilla.suse.com/show_bug.cgi?id=1263753
• https://bugzilla.suse.com/show_bug.cgi?id=1263754
• https://bugzilla.suse.com/show_bug.cgi?id=1263756
• https://bugzilla.suse.com/show_bug.cgi?id=1263757
• https://bugzilla.suse.com/show_bug.cgi?id=1263762
• https://bugzilla.suse.com/show_bug.cgi?id=1263765
• https://bugzilla.suse.com/show_bug.cgi?id=1263766
• https://bugzilla.suse.com/show_bug.cgi?id=1263767
• https://bugzilla.suse.com/show_bug.cgi?id=1263809