It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Affects 1.4.0 to 1.4.14, 1.6.0 to 1.6.9, 1.8.0 to 1.8.1 and is fixed in upstream 1.8.2, 1.6.10, and 1.4.15 versions. http://www.wireshark.org/security/wnpa-sec-2012-15.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7571 http://anonsvn.wireshark.org/viewvc?view=revision&revision=44289 Note: 1.0.x does not have the XTP dissector, 1.2.x does so is probably affected. Statement: This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 5.
Created wireshark tracking bugs for this issue Affects: fedora-all [bug 848593]
wireshark-1.6.10-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
wireshark-1.6.10-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:1569 https://rhn.redhat.com/errata/RHSA-2013-1569.html
Statement: (none)