
Wireshark Crashes When Analyzing Malicious Network Packets

OESA-2026-1547
Summary

Wireshark, a tool used to analyze network traffic, has security issues that can cause it to crash when processing certain types of malicious network packets. This can prevent the tool from functioning as intended, which can impact your ability to troubleshoot network issues. Update to the latest version to ensure you have the latest security patches.

What to do
  • Update wireshark to version 4.4.14-1.oe2203sp4.
Affected software
Vendor | Product | Affected versions | Fix available
– | wireshark | <= 4.4.14-1.oe2203sp4 | 4.4.14-1.oe2203sp4
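
A host-side check for the remediation above, as an added example (not part of the advisory or of any openEuler tooling): it compares an installed wireshark package version against the fixed build 4.4.14-1.oe2203sp4 with a simplified RPM-style segment comparison that does not handle `~` or `^`. The function names and the sample installed versions are assumptions constructed for illustration.

```python
import re

FIXED_EVR = "4.4.14-1.oe2203sp4"  # fixed wireshark build named in this advisory
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def _cmp(a, b):
    return (a > b) - (a < b)


def rpm_segment_cmp(a, b):
    """Compare one version or release string; returns -1, 0 or 1."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            result = _cmp(int(x), int(y))      # numeric compare, so 9 < 14
        elif x.isdigit() != y.isdigit():
            result = 1 if x.isdigit() else -1  # a number sorts above letters
        else:
            result = _cmp(x, y)                # plain string compare for letters
        if result:
            return result
    return _cmp(len(sa), len(sb))              # extra trailing segments are newer


def split_evr(evr):
    """Split [epoch:]version-release; a missing epoch counts as 0."""
    epoch, _, rest = evr.rpartition(":")
    version, _, release = rest.partition("-")
    return int(epoch or 0), version, release


def evr_cmp(a, b):
    ea, va, ra = split_evr(a)
    eb, vb, rb = split_evr(b)
    return _cmp(ea, eb) or rpm_segment_cmp(va, vb) or rpm_segment_cmp(ra, rb)


def needs_update(installed, fixed=FIXED_EVR):
    """True when the installed package is older than the fixed build."""
    return evr_cmp(installed, fixed) < 0


if __name__ == "__main__":
    # Constructed sample values; on a host, take the real one from
    #   rpm -q --qf '%{VERSION}-%{RELEASE}\n' wireshark
    for evr in ("4.4.9-2.oe2203sp4", "4.4.12-1.oe2203sp4", FIXED_EVR):
        print(evr, "UPDATE NEEDED" if needs_update(evr) else "ok")
```

A plain string comparison would rank 4.4.9 above 4.4.14 and report such a host as patched, which is why the segments are compared numerically.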
Original title
wireshark security update
Original description
Wireshark allows you to examine protocol data stored in files or as it is
captured from wired or wireless (WiFi or Bluetooth) networks, USB devices,
and many other sources. It supports dozens of protocol capture file formats
and understands more than a thousand protocols.

Security Fix(es):

Wireshark is a widely used network protocol analyzer. In Wireshark versions 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12, there is an out-of-bounds write vulnerability in its IEEE 802.11 protocol dissector. An attacker can exploit this vulnerability by crafting a malicious network packet. During the parsing process, this triggers the vulnerability, causing the Wireshark process to crash, thereby achieving a denial of service attack. (CVE-2026-0959)

Wireshark is a widely used network protocol analyzer. In versions 4.6.0 to 4.6.2, a flaw exists in its HTTP3 protocol dissector. When processing network packets of a specific format, it enters an unreachable exit condition (infinite loop), causing the Wireshark process to hang or crash, resulting in a denial of service. (CVE-2026-0960)

Wireshark is a widely used network protocol analyzer. A vulnerability exists in the BLF file parser of Wireshark versions 4.6.0 to 4.6.2 and versions 4.4.0 to 4.4.12. An attacker can craft a malicious BLF file to trigger an out-of-bounds write in the parser, leading to a crash and resulting in a denial of service. (CVE-2026-0961)

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service (CVE-2026-0962)

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service (CVE-2026-3201)

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service (CVE-2026-3203)
Published: 15 Mar 2026 · Updated: 15 Mar 2026 · First seen: 15 Mar 2026