Vulnerability CVE-2026-6529: Information

Description

iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service

Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
URL: https://nvd.nist.gov/vuln/detail/CVE-2026-6529
Published: April 30, 2026
Modified: May 1, 2026
Error type identifier: CWE-122

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
wiresharksisyphus4.6.5-alt14.6.5-alt1ALT-PU-2026-7053-4416999Fixed
wiresharksisyphus_e2k4.6.5-alt14.6.5-alt1ALT-PU-2026-7283-1-Fixed
wiresharksisyphus_riscv644.6.5-alt14.6.5-alt1ALT-PU-2026-7475-1-Fixed
wiresharksisyphus_loongarch644.6.5-alt14.6.5-alt1ALT-PU-2026-7491-1-Fixed
wiresharkp114.6.5-alt14.6.5-alt1ALT-PU-2026-7055-3417000Fixed
wiresharkc10f24.6.5-alt14.6.5-alt1ALT-PU-2026-7057-4417002Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://gitlab.com/wireshark/wireshark/-/work_items/21145
  • Exploit
  • Issue Tracking
  • Third Party Advisory
https://www.wireshark.org/security/wnpa-sec-2026-32.html
  • Vendor Advisory
    1. cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
      Start including
      4.4.0
      End including
      4.4.14
      cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
      Start including
      4.6.0
      End including
      4.6.4
VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
Version: v26.2.2
Back to top