The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. References: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397 Patch: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28960d79cca262ac6b974f339697b299a1e28fef
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1543583]