A double free flaw was found in the way Wireshark uncompressed a zlib compressed packet inside a message of tvbuff buffer. A remote attacker could create a specially-crafted capture file, which once opened, by a local, unsuspecting user could lead to wireshark application crash. References: [1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908 (upstream bug report, not public) [2] http://www.openwall.com/lists/oss-security/2011/05/31/20 (CVE request) [3] http://www.wireshark.org/security/wnpa-sec-2011-07.html (upstream advisory) Upstream patch: [4] http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081
This issue did NOT affect the versions of the wireshark package, as shipped with Red Hat Enterprise Linux 4 and 5. This issue affects the versions of the wireshark package, as shipped with Red Hat Enterprise Linux 6. -- This issue affects the versions of the wireshark package, as shipped with Fedora release of 13, 14 and 15.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:0509 https://rhn.redhat.com/errata/RHSA-2012-0509.html
Current Fedora has wireshark 1.4.12 which is not affected by this flaw.
Statement: This issue did not affect the version of wireshark as shipped with Red Hat Enterprise Linux 4 and 5.