A divide-by-zero vulnerability in ZigBee ZCL dissector allows Wireshark to crash when parsing a specially crafted pcap file. An attacker could cause a denial of service to Wireshark by injecting malicious packets into victim's WPAN network.
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.
Created wireshark tracking bugs for this issue:
Affects: fedora-all [bug 1655944]
ZigBee is a family of WPAN protocols, thus AV:A.
This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 5, 6, and 7.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):