Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-04-30T05:36:29 Wireshark: Wireshark: Denial of Service via SANE protocol dissector infinite loop 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H CWE-835

A flaw was found in Wireshark. The SANE (Scanner Access Now Easy) protocol dissector contains an infinite loop vulnerability. A local user processing specially crafted SANE protocol traffic, such as opening a malicious capture file, can trigger this flaw, leading to a denial of service (DoS) in Wireshark.

To mitigate this issue, users should avoid opening untrusted capture files or processing SANE protocol traffic from untrusted sources. If Wireshark is not actively used, consider removing the `wireshark` package to eliminate the attack surface. For Red Hat Enterprise Linux and Fedora, this can be done using `sudo dnf remove wireshark`. Warning: Removing Wireshark may impact network analysis capabilities. Red Hat Enterprise Linux 10 Fix deferred wireshark Red Hat Enterprise Linux 6 Fix deferred wireshark Red Hat Enterprise Linux 7 Fix deferred wireshark Red Hat Enterprise Linux 8 Fix deferred wireshark Red Hat Enterprise Linux 9 Fix deferred wireshark https://www.cve.org/CVERecord?id=CVE-2026-6531 https://nvd.nist.gov/vuln/detail/CVE-2026-6531 https://gitlab.com/wireshark/wireshark/-/issues/21139 https://www.wireshark.org/security/wnpa-sec-2026-30.html