Kafka dissector memory leak fixed in 3.2.9, 3.4.1. References: https://www.wireshark.org/security/wnpa-sec-2020-16 https://gitlab.com/wireshark/wireshark/-/issues/16739 https://www.wireshark.org/lists/wireshark-announce/202012/msg00000.html https://www.wireshark.org/lists/wireshark-announce/202012/msg00001.html
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1919913]
Upstream fix: https://gitlab.com/wireshark/wireshark/-/commit/f4374967bbf9c12746b8ec3cd54dddada9dd353e
External References: https://www.wireshark.org/security/wnpa-sec-2020-16
Statement: This issue does not affect the versions of `wireshark` as shipped with Red Hat Enterprise Linux 5, 6, and 7, as they did not include support for the Apache Kafka dissector.
More of a memory leak, I'd rather consider this bug to be an improper validation of the decompression size (while decoding packets captured in a pcap file or coming from the network) leading to an assertion failure and possible crash. Among other things, the patch checks the 'length' argument of decompress() in epan/dissectors/packet-kafka.c. --- #define MAX_DECOMPRESSION_SIZE (50 * 1000 * 1000) // Arbitrary if (length > MAX_DECOMPRESSION_SIZE) { expert_add_info(pinfo, NULL, &ei_kafka_bad_decompression_length); return FALSE; }