An update for wireshark is now available for openEuler-24.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-1550 Final 1.0 1.0 2026-03-15 Initial 2026-03-15 2026-03-15 openEuler SA Tool V1.0 2026-03-15 wireshark security update An update for wireshark is now available for openEuler-24.03-LTS-SP2 Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless (WiFi or Bluetooth) networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. Security Fix(es): Wireshark is a widely used network protocol analyzer. In Wireshark versions 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12, there is an out-of-bounds write vulnerability in its IEEE 802.11 protocol dissector. An attacker can exploit this vulnerability by crafting a malicious network packet. During the parsing process, this triggers the vulnerability, causing the Wireshark process to crash, thereby achieving a denial of service attack.(CVE-2026-0959) Wireshark is a widely used network protocol analyzer. In versions 4.6.0 to 4.6.2, a flaw exists in its HTTP3 protocol dissector. When processing network packets of a specific format, it enters an unreachable exit condition (infinite loop), causing the Wireshark process to hang or crash, resulting in a denial of service.(CVE-2026-0960) Wireshark is a widely used network protocol analyzer. A vulnerability exists in the BLF file parser of Wireshark versions 4.6.0 to 4.6.2 and versions 4.4.0 to 4.4.12. An attacker can craft a malicious BLF file to trigger an out-of-bounds write in the parser, leading to a crash and resulting in a denial of service.(CVE-2026-0961) SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service(CVE-2026-0962) USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service(CVE-2026-3201) RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service(CVE-2026-3203) An update for wireshark is now available for master/openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP4/openEuler-24.03-LTS/openEuler-24.03-LTS-Next/openEuler-24.03-LTS-SP1/openEuler-24.03-LTS-SP2/openEuler-24.03-LTS-SP3. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium wireshark https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1550 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-0959 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-0960 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-0961 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-0962 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-3201 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-3203 https://nvd.nist.gov/vuln/detail/CVE-2026-0959 https://nvd.nist.gov/vuln/detail/CVE-2026-0960 https://nvd.nist.gov/vuln/detail/CVE-2026-0961 https://nvd.nist.gov/vuln/detail/CVE-2026-0962 https://nvd.nist.gov/vuln/detail/CVE-2026-3201 https://nvd.nist.gov/vuln/detail/CVE-2026-3203 openEuler-24.03-LTS-SP2 wireshark-4.4.14-1.oe2403sp2.aarch64.rpm wireshark-debuginfo-4.4.14-1.oe2403sp2.aarch64.rpm wireshark-debugsource-4.4.14-1.oe2403sp2.aarch64.rpm wireshark-devel-4.4.14-1.oe2403sp2.aarch64.rpm wireshark-4.4.14-1.oe2403sp2.src.rpm wireshark-4.4.14-1.oe2403sp2.x86_64.rpm wireshark-debuginfo-4.4.14-1.oe2403sp2.x86_64.rpm wireshark-debugsource-4.4.14-1.oe2403sp2.x86_64.rpm wireshark-devel-4.4.14-1.oe2403sp2.x86_64.rpm wireshark-help-4.4.14-1.oe2403sp2.noarch.rpm Wireshark is a widely used network protocol analyzer. In Wireshark versions 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12, there is an out-of-bounds write vulnerability in its IEEE 802.11 protocol dissector. An attacker can exploit this vulnerability by crafting a malicious network packet. During the parsing process, this triggers the vulnerability, causing the Wireshark process to crash, thereby achieving a denial of service attack. 2026-03-15 CVE-2026-0959 openEuler-24.03-LTS-SP2 Medium 5.3 AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H wireshark security update 2026-03-15 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1550 Wireshark is a widely used network protocol analyzer. In versions 4.6.0 to 4.6.2, a flaw exists in its HTTP3 protocol dissector. When processing network packets of a specific format, it enters an unreachable exit condition (infinite loop), causing the Wireshark process to hang or crash, resulting in a denial of service. 2026-03-15 CVE-2026-0960 openEuler-24.03-LTS-SP2 Medium 4.7 AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H wireshark security update 2026-03-15 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1550 Wireshark is a widely used network protocol analyzer. A vulnerability exists in the BLF file parser of Wireshark versions 4.6.0 to 4.6.2 and versions 4.4.0 to 4.4.12. An attacker can craft a malicious BLF file to trigger an out-of-bounds write in the parser, leading to a crash and resulting in a denial of service. 2026-03-15 CVE-2026-0961 openEuler-24.03-LTS-SP2 Medium 5.5 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H wireshark security update 2026-03-15 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1550 SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service 2026-03-15 CVE-2026-0962 openEuler-24.03-LTS-SP2 Medium 5.3 AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H wireshark security update 2026-03-15 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1550 USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service 2026-03-15 CVE-2026-3201 openEuler-24.03-LTS-SP2 Medium 4.7 AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H wireshark security update 2026-03-15 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1550 RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service 2026-03-15 CVE-2026-3203 openEuler-24.03-LTS-SP2 Medium 5.5 AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H wireshark security update 2026-03-15 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1550