Fedora Account System
Red Hat Associate
Red Hat Customer
It was reported that Wireshark's Catapult DCT2000 and IrDA dissectors could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This is reported to affect Wireshark versions 1.10.0 to 1.10.8. It is fixed in 1.10.9. External References: http://www.wireshark.org/security/wnpa-sec-2014-08.html
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1125768]
wireshark-1.10.9-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
Upstream patch: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=16f8ba1bed579344df373bf38fff552ab8baf380
Statement: This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the version of wireshark as shipped with Red Hat Enterprise Linux 7. A future update may address this issue.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2014-5161 https://access.redhat.com/security/cve/cve-2014-5162