Security update for wireshark SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0237-1 Final 1 1 2026-01-22T12:26:09Z current 2026-01-22T12:26:09Z 2026-01-22T12:26:09Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wireshark This update for wireshark fixes the following issues: - CVE-2026-0959: IEEE 802.11 dissector crash (bsc#1256734). - CVE-2026-0960: HTTP3 dissector infinite loop (bsc#1256736). - CVE-2026-0962: SOME/IP-SD dissector crash (bsc#1256739). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-237,SUSE-SLE-Module-Basesystem-15-SP7-2026-237,SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-237,openSUSE-SLE-15.6-2026-237 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260237-1/ Link for SUSE-SU-2026:0237-1 https://lists.suse.com/pipermail/sle-security-updates/2026-January/023848.html E-Mail link for SUSE-SU-2026:0237-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1256734 SUSE Bug 1256734 https://bugzilla.suse.com/1256736 SUSE Bug 1256736 https://bugzilla.suse.com/1256739 SUSE Bug 1256739 https://www.suse.com/security/cve/CVE-2026-0959/ SUSE CVE CVE-2026-0959 page https://www.suse.com/security/cve/CVE-2026-0960/ SUSE CVE CVE-2026-0960 page https://www.suse.com/security/cve/CVE-2026-0962/ SUSE CVE CVE-2026-0962 page SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 openSUSE Leap 15.6 libwireshark17-4.2.14-150600.18.35.1 libwiretap14-4.2.14-150600.18.35.1 libwsutil15-4.2.14-150600.18.35.1 wireshark-4.2.14-150600.18.35.1 wireshark-devel-4.2.14-150600.18.35.1 wireshark-ui-qt-4.2.14-150600.18.35.1 libwireshark17-4.2.14-150600.18.35.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libwiretap14-4.2.14-150600.18.35.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 libwsutil15-4.2.14-150600.18.35.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 wireshark-4.2.14-150600.18.35.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 wireshark-devel-4.2.14-150600.18.35.1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 wireshark-ui-qt-4.2.14-150600.18.35.1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 libwireshark17-4.2.14-150600.18.35.1 as a component of openSUSE Leap 15.6 libwiretap14-4.2.14-150600.18.35.1 as a component of openSUSE Leap 15.6 libwsutil15-4.2.14-150600.18.35.1 as a component of openSUSE Leap 15.6 wireshark-4.2.14-150600.18.35.1 as a component of openSUSE Leap 15.6 wireshark-devel-4.2.14-150600.18.35.1 as a component of openSUSE Leap 15.6 wireshark-ui-qt-4.2.14-150600.18.35.1 as a component of openSUSE Leap 15.6 IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service CVE-2026-0959 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwireshark17-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwiretap14-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwsutil15-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:wireshark-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:wireshark-devel-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:wireshark-ui-qt-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwireshark17-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwiretap14-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwsutil15-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-devel-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-ui-qt-4.2.14-150600.18.35.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260237-1/ https://www.suse.com/security/cve/CVE-2026-0959.html CVE-2026-0959 https://bugzilla.suse.com/1256734 SUSE Bug 1256734 HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service CVE-2026-0960 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwireshark17-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwiretap14-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwsutil15-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:wireshark-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:wireshark-devel-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:wireshark-ui-qt-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwireshark17-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwiretap14-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwsutil15-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-devel-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-ui-qt-4.2.14-150600.18.35.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260237-1/ https://www.suse.com/security/cve/CVE-2026-0960.html CVE-2026-0960 https://bugzilla.suse.com/1256736 SUSE Bug 1256736 SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service CVE-2026-0962 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwireshark17-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwiretap14-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:libwsutil15-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:wireshark-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:wireshark-devel-4.2.14-150600.18.35.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:wireshark-ui-qt-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwireshark17-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwiretap14-4.2.14-150600.18.35.1 openSUSE Leap 15.6:libwsutil15-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-devel-4.2.14-150600.18.35.1 openSUSE Leap 15.6:wireshark-ui-qt-4.2.14-150600.18.35.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260237-1/ https://www.suse.com/security/cve/CVE-2026-0962.html CVE-2026-0962 https://bugzilla.suse.com/1256739 SUSE Bug 1256739