This update for wireshark fixes the following issues:
Update Wireshark to version 4.6.4 (jsc#PED-15400).
- CVE-2024-9780: ITS dissector crash (bsc#1231475).
- CVE-2024-9781: AppleTalk and RELOAD Framing dissector crash (bsc#1231476).
- CVE-2024-11595: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark (bsc#1233594).
- CVE-2024-11596: Buffer Over-read in Wireshark (bsc#1233593).
- CVE-2025-1492: Uncontrolled Recursion in Wireshark (bsc#1237414).
- CVE-2025-5601: Column handling crashes in Wireshark allows denial of service (bsc#1244081).
- CVE-2025-9817: NULL Pointer Dereference in ssh dissector (bsc#1249090).
- CVE-2025-13499: a malformed packet can lead to a Kafka dissector crash (bsc#1254108).
- CVE-2025-13674: injecting a malformed packet can cause a crash (bsc#1254262).
- CVE-2025-13945: HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of service (bsc#1254471).
- CVE-2025-13946: MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11 allows denial of
service (bsc#1254472).
- CVE-2026-0959: denial of service via IEEE 802.11 protocol dissector crash (bsc#1256734).
- CVE-2026-0960: denial of Service via HTTP3 protocol dissector infinite loop (bsc#1256736).
- CVE-2026-0961: denial of Service vulnerability in BLF file parser (bsc#1256738).
- CVE-2026-0962: denial of Service via SOME/IP-SD protocol dissector crash (bsc#1256739).
- CVE-2026-3201: missing limit checks in USB HID protocol dissector's
parse_report_descriptor function can lead to
memory exhaustion (bsc#1258907).
- CVE-2026-3202: missing checks in NTS-KE protocol dissector can lead to crash (bsc#1258908).
- CVE-2026-3203: missing length checks in the RF4CE Profile protocol dissector can lead to illegal memory access and
crash (bsc#1258909).
Also libvirt was rebuilt against wireshark for the libvirt plugin.