In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation. Reference: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536 Upstream Patch: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c557bb0910be271e49563756411a690a1bc53ce5
External References: https://www.wireshark.org/security/wnpa-sec-2019-08.html
Hrm. Seems like this was introduced via https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=d58a3ffe4f69366f25fd192e41a89b4769c7d22c That's a fairly recent commit and contradicts the versions upstream claims to be affected.
(In reply to Stefan Cornelius from comment #2) > Hrm. Seems like this was introduced via > https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff; > h=d58a3ffe4f69366f25fd192e41a89b4769c7d22c > > That's a fairly recent commit and contradicts the versions upstream claims > to be affected. Yes this seems to be the case.
Statement: This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 5, 6, and 7.
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1695977]