Red Hat Bugzilla – Bug 524001
CVE-2009-3242 Wireshark: DoS (crash) in GSM A RR dissector
Last modified: 2010-06-25 05:48:12 EDT
A denial of service flaw was found in the Wireshark's GSM layer 3 Radio Resource Protocol (GSM A RR) dissector. Loading a specially-crafted GSM A RR PCAP capture
file in Wireshark would lead to Wireshark crash.
This issue does NOT affect the versions of the wireshark package,
as shipped with Red Hat Enterprise Linux 3, 4, or 5.
This issue affects the latest versions of wireshark package,
as shipped with Fedora release of 10 and 11 (wireshark-1.2.1-1.fc10
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3242 to
the following vulnerability:
Unspecified vulnerability in packet.c in the GSM A RR dissector in
Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of
service (application crash) via unknown vectors related to "an
uninitialized dissector handle," which triggers an assertion failure.
wireshark-1.2.2-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.