In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25863
Reference (s):
- FEDORA:FEDORA-2020-1b390bec14
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D/
- FEDORA:FEDORA-2020-1bf4b97c16
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW/
- FEDORA:FEDORA-2020-9bda6ae1cd