The Red Hat security advisory RHSA-2026:26182 addresses four security vulnerabilities in Wireshark packages: a buffer over-read (CVE-2026-3203), improperly controlled sequential memory allocation (CVE-2026-3201), a heap-based buffer overflow (CVE-2026-5405), and a path traversal vulnerability (CVE-2026-5656). These issues could potentially lead to memory corruption or unauthorized file access. The advisory covers Red Hat Enterprise Linux 10.0 Extended Update Support and related CodeReady Linux Builder variants across multiple architectures (x86_64, s390x, ppc64le, aarch64). Red Hat has released updated Wireshark packages (version 4.4.2-3.el10_0.4) that fix these vulnerabilities. No CVSS scores are provided in the advisory, and no known exploits in the wild have been reported.

The vulnerabilities include memory corruption issues such as buffer over-read, heap-based buffer overflow, and improper memory allocation, which could lead to application crashes or potentially allow execution of arbitrary code. The path traversal vulnerability could allow unauthorized access to files outside intended directories. These issues affect the Wireshark network protocol analyzer, which is used to capture and analyze network traffic. Exploitation could compromise the confidentiality, integrity, or availability of the affected system's network analysis capabilities.

Red Hat has released updated Wireshark packages that address these vulnerabilities. Users of Red Hat Enterprise Linux 10.0 Extended Update Support and related CodeReady Linux Builder products should apply the updates as described in Red Hat advisory RHSA-2026:26182. The advisory provides detailed instructions and updated package versions. No additional mitigation steps are indicated beyond applying the official patches.