SUSE-SU-2026:2969-1: moderate: Security update for wireshark

SLE-UPDATES null at suse.de
Tue Jul 14 16:39:35 UTC 2026


# Security update for wireshark

Announcement ID: SUSE-SU-2026:2969-1  
Release Date: 2026-07-14T11:23:14Z  
Rating: moderate  
References:

  * bsc#1263725
  * bsc#1263728
  * bsc#1263731
  * bsc#1263734
  * bsc#1263739
  * bsc#1263743
  * bsc#1263744
  * bsc#1263750
  * bsc#1263752
  * bsc#1263753
  * bsc#1263754
  * bsc#1263756
  * bsc#1263758
  * bsc#1263765
  * bsc#1263766

  
Cross-References:

  * CVE-2026-5401
  * CVE-2026-5403
  * CVE-2026-5404
  * CVE-2026-5406
  * CVE-2026-5407
  * CVE-2026-5408
  * CVE-2026-5653
  * CVE-2026-6521
  * CVE-2026-6522
  * CVE-2026-6527
  * CVE-2026-6532
  * CVE-2026-6535
  * CVE-2026-6538
  * CVE-2026-6870
  * CVE-2026-7379

  
CVSS scores:

  * CVE-2026-5401 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5401 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5403 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5403 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-5403 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-5404 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5404 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5404 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5406 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5406 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5407 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5407 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5408 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5408 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5653 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5653 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-5653 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2026-6521 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6521 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6522 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6522 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6527 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6527 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6532 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6532 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6535 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6535 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6538 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6538 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6870 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-6870 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-7379 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-7379 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-7379 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves 15 vulnerabilities can now be installed.

## Description:

This update for wireshark fixes the following issues

  * CVE-2026-5401: AFP dissector crash (bsc#1263756).
  * CVE-2026-5403: SBC audio codec crash (bsc#1263765).
  * CVE-2026-5404: K12 RF5 file parser crash (bsc#1263766).
  * CVE-2026-5406: FC-SWILS dissector crash (bsc#1263754).
  * CVE-2026-5407: SMB2 dissector infinite loop (bsc#1263753).
  * CVE-2026-5408: BT-DHT dissector crash (bsc#1263752).
  * CVE-2026-5653: DCP-ETSI dissector crash (bsc#1263750).
  * CVE-2026-6521: OpenFlow v5 protocol dissector infinite loops (bsc#1263744).
  * CVE-2026-6522: RPKI-Router protocol dissector infinite loop (bsc#1263743).
  * CVE-2026-6527: ASN.1 PER dissector crash (bsc#1263739).
  * CVE-2026-6532: Kismet protocol dissector crash (bsc#1263734).
  * CVE-2026-6535: Dissection engine zlib decompression crash (bsc#1263731).
  * CVE-2026-6538: BEEP dissector crash (bsc#1263728).
  * CVE-2026-6870: GSM RP protocol dissector crash (bsc#1263725).
  * CVE-2026-7379: Sharkd utility memory leak (bsc#1263758).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2969=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libwiretap7-debuginfo-2.4.16-48.69.1
    * libwsutil8-2.4.16-48.69.1
    * wireshark-debuginfo-2.4.16-48.69.1
    * libwsutil8-debuginfo-2.4.16-48.69.1
    * wireshark-devel-2.4.16-48.69.1
    * libwireshark9-debuginfo-2.4.16-48.69.1
    * wireshark-gtk-debuginfo-2.4.16-48.69.1
    * libwiretap7-2.4.16-48.69.1
    * libwireshark9-2.4.16-48.69.1
    * wireshark-debugsource-2.4.16-48.69.1
    * wireshark-2.4.16-48.69.1
    * libwscodecs1-2.4.16-48.69.1
    * libwscodecs1-debuginfo-2.4.16-48.69.1
    * wireshark-gtk-2.4.16-48.69.1

## References:

  * https://www.suse.com/security/cve/CVE-2026-5401.html
  * https://www.suse.com/security/cve/CVE-2026-5403.html
  * https://www.suse.com/security/cve/CVE-2026-5404.html
  * https://www.suse.com/security/cve/CVE-2026-5406.html
  * https://www.suse.com/security/cve/CVE-2026-5407.html
  * https://www.suse.com/security/cve/CVE-2026-5408.html
  * https://www.suse.com/security/cve/CVE-2026-5653.html
  * https://www.suse.com/security/cve/CVE-2026-6521.html
  * https://www.suse.com/security/cve/CVE-2026-6522.html
  * https://www.suse.com/security/cve/CVE-2026-6527.html
  * https://www.suse.com/security/cve/CVE-2026-6532.html
  * https://www.suse.com/security/cve/CVE-2026-6535.html
  * https://www.suse.com/security/cve/CVE-2026-6538.html
  * https://www.suse.com/security/cve/CVE-2026-6870.html
  * https://www.suse.com/security/cve/CVE-2026-7379.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1263725
  * https://bugzilla.suse.com/show_bug.cgi?id=1263728
  * https://bugzilla.suse.com/show_bug.cgi?id=1263731
  * https://bugzilla.suse.com/show_bug.cgi?id=1263734
  * https://bugzilla.suse.com/show_bug.cgi?id=1263739
  * https://bugzilla.suse.com/show_bug.cgi?id=1263743
  * https://bugzilla.suse.com/show_bug.cgi?id=1263744
  * https://bugzilla.suse.com/show_bug.cgi?id=1263750
  * https://bugzilla.suse.com/show_bug.cgi?id=1263752
  * https://bugzilla.suse.com/show_bug.cgi?id=1263753
  * https://bugzilla.suse.com/show_bug.cgi?id=1263754
  * https://bugzilla.suse.com/show_bug.cgi?id=1263756
  * https://bugzilla.suse.com/show_bug.cgi?id=1263758
  * https://bugzilla.suse.com/show_bug.cgi?id=1263765
  * https://bugzilla.suse.com/show_bug.cgi?id=1263766

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20260714/9d7ee5f8/attachment.htm>


More information about the sle-updates mailing list