Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=803 The following SIGSEGV crash due to an invalid memory read can be observed in an ASAN build of Wireshark (current git master), by feeding a malformed file to tshark ("$ ./tshark -nVxr /path/to/file"): --- cut --- ==28415==ERROR: AddressSanitizer: SEGV on unknown address 0x61b000022d84 (pc 0x7f0e1b0002a2 bp 0x7ffde25a76f0 sp 0x7ffde25a7630 T0) #0 0x7f0e1b0002a1 in erf_meta_read_tag wireshark/wiretap/erf.c:1242:13 #1 0x7f0e1afff0f0 in populate_summary_info wireshark/wiretap/erf.c:1851:27 #2 0x7f0e1aff34d6 in erf_read wireshark/wiretap/erf.c:447:7 #3 0x7f0e1b1a746b in wtap_read wireshark/wiretap/wtap.c:1245:7 #4 0x528196 in load_cap_file wireshark/tshark.c:3478:12 #5 0x51e67c in main wireshark/tshark.c:2192:13 AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV wireshark/wiretap/erf.c:1242:13 in erf_meta_read_tag ==28415==ABORTING --- cut --- The crash was reported at https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12352. Attached are three files which trigger the crash. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/39877.zip