Description
OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Published: 2026-04-30
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An infinite loop exists in the OpenFlow v5 protocol dissector in Wireshark versions 4.6.0 through 4.6.4 and 4.4.0 through 4.4.14. Because the loop has an unreachable exit condition, any instance of the affected dissector processing an OpenFlow packet can exhaust processor resources. The resulting denial of service can cause the Wireshark application to become unresponsive or terminate, impacting user productivity and potentially cascading if the dissector is run on a critical capture system.

Affected Systems

Wireshark Foundation products, specifically Wireshark versions 4.6.0 up to 4.6.4 inclusive and 4.4.0 up to 4.4.14 inclusive, are affected. All users of these releases who process OpenFlow v5 traffic with the default dissector are at risk.

Risk and Exploitability

The vulnerability carries a CVSS score of 5.5, indicating medium severity. Direct evidence of exploitation in the wild is unavailable and the EPSS score is not published, so the likelihood of exploitation is uncertain. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to supply malicious or specifically crafted OpenFlow packets to a running instance of Wireshark to trigger the loop, implying the likely vector is remote network traffic intercepted by the program.

Generated by OpenCVE AI on April 30, 2026 at 13:51 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.5 or above


OpenCVE Recommended Actions

  • Apply the vendor released patch by upgrading to Wireshark 4.6.5 or later
  • If an upgrade is not immediately possible, disable the OpenFlow v5 dissector in the preferences to prevent the infinite loop
  • Avoid capturing traffic from untrusted or unknown OpenFlow controllers until the issue is resolved
  • Monitor system resources for sudden CPU spikes that indicate a possible denial‑of‑service attempt

Advisories

No advisories yet.

History

Thu, 30 Apr 2026 16:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 30 Apr 2026 07:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Wireshark; Wireshark wireshark
Vendors & Products | | Wireshark; Wireshark wireshark

Thu, 30 Apr 2026 06:30:00 +0000

Type | Values Removed | Values Added
Description | | OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service
Title | | Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
Weaknesses | | CWE-835
References | |
Metrics | | cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-04-30T15:20:12.427Z

Reserved: 2026-04-17T15:05:17.772Z

Link: CVE-2026-6521

Vulnrichment

Updated: 2026-04-30T15:10:00.897Z

NVD

Status: Undergoing Analysis

Published: 2026-04-30T07:16:39.273

Modified: 2026-04-30T15:10:10.430

Link: CVE-2026-6521

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-30T14:00:22Z

Weaknesses