It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. External Referencies: https://www.wireshark.org/security/wnpa-sec-2019-15.html Upstream bug(s): https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15617
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1697945]
Upstream patch: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=651cd91b16b01e3da698b04542da376d946bc54b
An heap out-of-bound read is possible in assign_addr_port_id() in epan/dissectors/packet-dof.c, when the DOF dissector is used. This could lead to a crash or to a leak of the memory content.
External References: https://www.wireshark.org/security/wnpa-sec-2019-15.html