In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.
https://www.wireshark.org/security/wnpa-sec-2018-01.html
https://www.debian.org/security/2018/dsa-4101
https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html