It was reported that the libpcap file parser could crash. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This is reported to affect Wireshark versions 1.10.0 to 1.10.3 and is fixed in 1.10.4. According to the upstream bug report, it was only ever reproduced in Windows, however the upstream advisory does not indicate that it is Windows-only. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9753 External References: http://www.wireshark.org/security/wnpa-sec-2014-05.html
Common Vulnerabilities and Exposures assigned an identifier CVE-2014-4174 to the following vulnerability: Name: CVE-2014-4174 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4174 Assigned: 20140617 Reference: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808 Reference: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9390 Reference: http://anonsvn.wireshark.org/viewvc/trunk-1.10/wiretap/libpcap.c?r1=53123&r2=53122&pathrev=53123 Reference: http://anonsvn.wireshark.org/viewvc?view=revision&revision=53123 Reference: http://www.wireshark.org/security/wnpa-sec-2014-05.html Reference: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9753 wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet.
Statement: Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.