Description
Security update for wireshark
This update for wireshark fixes the following issues:
Update Wireshark to version 4.6.4 (jsc#PED-15400).
- CVE-2024-9780: ITS dissector crash (bsc#1231475).
- CVE-2024-9781: AppleTalk and RELOAD Framing dissector crash (bsc#1231476).
- CVE-2024-11595: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark (bsc#1233594).
- CVE-2024-11596: Buffer Over-read in Wireshark (bsc#1233593).
- CVE-2025-1492: Uncontrolled Recursion in Wireshark (bsc#1237414).
- CVE-2025-5601: Column handling crashes in Wireshark allows denial of service (bsc#1244081).
- CVE-2025-9817: NULL Pointer Dereference in ssh dissector (bsc#1249090).
- CVE-2025-13499: a malformed packet can lead to a Kafka dissector crash (bsc#1254108).
- CVE-2025-13674: injecting a malformed packet can cause a crash (bsc#1254262).
- CVE-2025-13945: HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service (bsc#1254471).
- CVE-2025-13946: MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service (bsc#1254472).
- CVE-2026-0959: denial of service via IEEE 802.11 protocol dissector crash (bsc#1256734).
- CVE-2026-0960: denial of service via HTTP3 protocol dissector infinite loop (bsc#1256736).
- CVE-2026-0961: denial of service vulnerability in BLF file parser (bsc#1256738).
- CVE-2026-0962: denial of service via SOME/IP-SD protocol dissector crash (bsc#1256739).
- CVE-2026-3201: missing limit checks in USB HID protocol dissector's parse_report_descriptor function can lead to memory exhaustion (bsc#1258907).
- CVE-2026-3202: missing checks in NTS-KE protocol dissector can lead to crash (bsc#1258908).
- CVE-2026-3203: missing length checks in the RF4CE Profile protocol dissector can lead to illegal memory access and crash (bsc#1258909).
Also libvirt was rebuilt against wireshark for the libvirt plugin.
Package list
Image SLES15-SP7-SAP-EC2
SUSE Linux Enterprise Module for Basesystem 15 SP7
SUSE Linux Enterprise Module for Desktop Applications 15 SP7
SUSE Linux Enterprise Module for Server Applications 15 SP7
References
- Link for SUSE-SU-2026:1169-1
- E-Mail link for SUSE-SU-2026:1169-1
- SUSE Security Ratings
- SUSE Bug 1231475
- SUSE Bug 1231476
- SUSE Bug 1233593
- SUSE Bug 1233594
- SUSE Bug 1237414
- SUSE Bug 1244081
- SUSE Bug 1249090
- SUSE Bug 1254108
- SUSE Bug 1254262
- SUSE Bug 1254471
- SUSE Bug 1254472
- SUSE Bug 1256734
- SUSE Bug 1256736
- SUSE Bug 1256738
- SUSE Bug 1256739
- SUSE Bug 1258907
- SUSE Bug 1258908
Description
FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file
Affected products
References
- CVE-2024-11595
- SUSE Bug 1233594
Description
ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file
Affected products
References
- CVE-2024-11596
- SUSE Bug 1233593
Description
ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file
Affected products
References
- CVE-2024-9780
- SUSE Bug 1231475
Description
AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file
Affected products
References
- CVE-2024-9781
- SUSE Bug 1231476
Description
Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service
Affected products
References
- CVE-2025-13499
- SUSE Bug 1254108
Description
BPv7 dissector crash in Wireshark 4.6.0 allows denial of service
Affected products
References
- CVE-2025-13674
- SUSE Bug 1254262
Description
HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service
Affected products
References
- CVE-2025-13945
- SUSE Bug 1254471
Description
MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of service
Affected products
References
- CVE-2025-13946
- SUSE Bug 1254472
Description
Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file
Affected products
References
- CVE-2025-1492
- SUSE Bug 1237414
Description
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
Affected products
References
- CVE-2025-5601
- SUSE Bug 1244081
Description
SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial of service
Affected products
References
- CVE-2025-9817
- SUSE Bug 1249090
Description
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service
Affected products
References
- CVE-2026-0959
- SUSE Bug 1256734
Description
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service
Affected products
References
- CVE-2026-0960
- SUSE Bug 1256736
Description
BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service
Affected products
References
- CVE-2026-0961
- SUSE Bug 1256738
Description
SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service
Affected products
References
- CVE-2026-0962
- SUSE Bug 1256739
Description
USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service
Affected products
References
- CVE-2026-3201
- SUSE Bug 1258907
Description
NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service
Affected products
References
- CVE-2026-3202
- SUSE Bug 1258908
Description
RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service
Affected products
References
- CVE-2026-3203
- SUSE Bug 1258909