A flaw was found in the File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 which does not properly strip '\n' characters, allowing remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line. [UPSTREAM BUG] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295 [UPSTREAM PATCH] https://code.wireshark.org/review/#/c/24997/
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1529595]