A denial of service flaw was found in the way CLNP dissector of Wireshark, a network traffic analyzer, performed dissection of certain CLNP packet capture files. A remote attacker could provide a specially-crafted CLNP packet / packet capture that, when processed, would lead to excessive CPU consumption or into situation where tshark executable would enter an infinite loop or crash, when trying to process the crafted packet / packet capture file.
Upstream bug report:
Sample packet capture:
Relevant upstream patch:
Created wireshark tracking bugs for this issue
Affects: fedora-all [bug 906387]
Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.