Red Hat Bugzilla – Bug 1026534
CVE-2013-6336 wireshark: IEEE 802.15.4 dissector crash (wnpa-sec-2013-61)
Last modified: 2015-11-25 05:01:18 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-6336 to
the following vulnerability:
The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c
in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and
1.10.x before 1.10.3 uses an incorrect pointer chain, which allows
remote attackers to cause a denial of service (application crash) via
a crafted packet.
Created wireshark tracking bugs for this issue:
Affects: fedora-all [bug 1026546]
wireshark-1.10.3-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.10.3-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.10.3-3.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5.
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2014:0342 https://rhn.redhat.com/errata/RHSA-2014-0342.html