A denial of service flaw was found in the way R3 dissector of Wireshark, a network traffic analyzer, performed dissection of certain R3 packet capture files. A remote attacker could provide a specially-crafted R3 packet / packet capture that, when processed, would lead to excessive CPU consumption or into situation where tshark executable would enter an infinite loop, when trying to process the crafted packet / packet capture file.
Upstream bug report:
Sample packet capture:
Relevant upstream patches:
Created wireshark tracking bugs for this issue
Affects: fedora-all [bug 906387]
Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.