SUSE-SU-2026:2969-1: moderate: Security update for wireshark
SLE-UPDATES
null at suse.de
Tue Jul 14 16:39:35 UTC 2026
# Security update for wireshark
Announcement ID: SUSE-SU-2026:2969-1
Release Date: 2026-07-14T11:23:14Z
Rating: moderate
References:
* bsc#1263725
* bsc#1263728
* bsc#1263731
* bsc#1263734
* bsc#1263739
* bsc#1263743
* bsc#1263744
* bsc#1263750
* bsc#1263752
* bsc#1263753
* bsc#1263754
* bsc#1263756
* bsc#1263758
* bsc#1263765
* bsc#1263766
Cross-References:
* CVE-2026-5401
* CVE-2026-5403
* CVE-2026-5404
* CVE-2026-5406
* CVE-2026-5407
* CVE-2026-5408
* CVE-2026-5653
* CVE-2026-6521
* CVE-2026-6522
* CVE-2026-6527
* CVE-2026-6532
* CVE-2026-6535
* CVE-2026-6538
* CVE-2026-6870
* CVE-2026-7379
CVSS scores:
* CVE-2026-5401 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5401 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-5403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-5404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5404 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5406 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5407 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5407 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5408 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5408 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5653 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5653 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5653 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-6521 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6521 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6522 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6522 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6527 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6527 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6532 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6535 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6535 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6538 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6538 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-7379 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-7379 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-7379 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
An update that solves 15 vulnerabilities can now be installed.
## Description:
This update for wireshark fixes the following issues
* CVE-2026-5401: AFP dissector crash (bsc#1263756).
* CVE-2026-5403: SBC audio codec crash (bsc#1263765).
* CVE-2026-5404: K12 RF5 file parser crash (bsc#1263766).
* CVE-2026-5406: FC-SWILS dissector crash (bsc#1263754).
* CVE-2026-5407: SMB2 dissector infinite loop (bsc#1263753).
* CVE-2026-5408: BT-DHT dissector crash (bsc#1263752).
* CVE-2026-5653: DCP-ETSI dissector crash (bsc#1263750).
* CVE-2026-6521: OpenFlow v5 protocol dissector infinite loops (bsc#1263744).
* CVE-2026-6522: RPKI-Router protocol dissector infinite loop (bsc#1263743).
* CVE-2026-6527: ASN.1 PER dissector crash (bsc#1263739).
* CVE-2026-6532: Kismet protocol dissector crash (bsc#1263734).
* CVE-2026-6535: Dissection engine zlib decompression crash (bsc#1263731).
* CVE-2026-6538: BEEP dissector crash (bsc#1263728).
* CVE-2026-6870: GSM RP protocol dissector crash (bsc#1263725).
* CVE-2026-7379: Sharkd utility memory leak (bsc#1263758).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2969=1
## Package List:
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
* libwiretap7-debuginfo-2.4.16-48.69.1
* libwsutil8-2.4.16-48.69.1
* wireshark-debuginfo-2.4.16-48.69.1
* libwsutil8-debuginfo-2.4.16-48.69.1
* wireshark-devel-2.4.16-48.69.1
* libwireshark9-debuginfo-2.4.16-48.69.1
* wireshark-gtk-debuginfo-2.4.16-48.69.1
* libwiretap7-2.4.16-48.69.1
* libwireshark9-2.4.16-48.69.1
* wireshark-debugsource-2.4.16-48.69.1
* wireshark-2.4.16-48.69.1
* libwscodecs1-2.4.16-48.69.1
* libwscodecs1-debuginfo-2.4.16-48.69.1
* wireshark-gtk-2.4.16-48.69.1
## References:
* https://www.suse.com/security/cve/CVE-2026-5401.html
* https://www.suse.com/security/cve/CVE-2026-5403.html
* https://www.suse.com/security/cve/CVE-2026-5404.html
* https://www.suse.com/security/cve/CVE-2026-5406.html
* https://www.suse.com/security/cve/CVE-2026-5407.html
* https://www.suse.com/security/cve/CVE-2026-5408.html
* https://www.suse.com/security/cve/CVE-2026-5653.html
* https://www.suse.com/security/cve/CVE-2026-6521.html
* https://www.suse.com/security/cve/CVE-2026-6522.html
* https://www.suse.com/security/cve/CVE-2026-6527.html
* https://www.suse.com/security/cve/CVE-2026-6532.html
* https://www.suse.com/security/cve/CVE-2026-6535.html
* https://www.suse.com/security/cve/CVE-2026-6538.html
* https://www.suse.com/security/cve/CVE-2026-6870.html
* https://www.suse.com/security/cve/CVE-2026-7379.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263725
* https://bugzilla.suse.com/show_bug.cgi?id=1263728
* https://bugzilla.suse.com/show_bug.cgi?id=1263731
* https://bugzilla.suse.com/show_bug.cgi?id=1263734
* https://bugzilla.suse.com/show_bug.cgi?id=1263739
* https://bugzilla.suse.com/show_bug.cgi?id=1263743
* https://bugzilla.suse.com/show_bug.cgi?id=1263744
* https://bugzilla.suse.com/show_bug.cgi?id=1263750
* https://bugzilla.suse.com/show_bug.cgi?id=1263752
* https://bugzilla.suse.com/show_bug.cgi?id=1263753
* https://bugzilla.suse.com/show_bug.cgi?id=1263754
* https://bugzilla.suse.com/show_bug.cgi?id=1263756
* https://bugzilla.suse.com/show_bug.cgi?id=1263758
* https://bugzilla.suse.com/show_bug.cgi?id=1263765
* https://bugzilla.suse.com/show_bug.cgi?id=1263766
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20260714/9d7ee5f8/attachment.htm>
More information about the sle-updates
mailing list