The rlcdecodeli function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libwiretap-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwsutil-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-dbg": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-doc": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwsutil4": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark5-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwiretap-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwsutil-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "tshark": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "tshark-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-common-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-qt": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-common": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwsutil4-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwiretap4-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark-data": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark5": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwiretap4": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-qt-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1" } ] }