In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.
Created wireshark tracking bugs for this issue:
Affects: fedora-all [bug 1655944]
This issue affects wireshark since version 1.11.3 where dissector for Latency Busters Messaging was introduced.
This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 5, 6 and 7 as they did not include LBMPDM dissector where the vulnerability occurred.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):