It may be possible to make Wireshark consume excessive system resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Affects 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1 and is fixed in upstream 1.8.2, 1.6.10, and 1.4.15 versions. http://www.wireshark.org/security/wnpa-sec-2012-20.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7570 Currently the upstream bug is closed, so unable to find the svn commit that corrects this.
Created wireshark tracking bugs for this issue Affects: fedora-all [bug 848593]
Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44312
wireshark-1.6.10-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.6.10-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2013:0125 https://rhn.redhat.com/errata/RHSA-2013-0125.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:1569 https://rhn.redhat.com/errata/RHSA-2013-1569.html
Statement: (none)