CVE-2019-16410

An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of header_len checking.

Published : 2019-09-24 20:15 Updated : 2019-09-25 13:21

6.4
CVSS Score More info
Score 6.4 / 10
6.4
Vendor Product Version URI
Suricata-ids Suricata 4.1.4 cpe:/a:suricata-ids:suricata:4.1.4
  1. Suricata-ids (1) Search CVE
    1. Suricata (1) Search CVE
      1. 4.1.4

CWE

ID Name Description Links
CWE-125 Out-of-bounds Read The software reads data past the end, or before the beginning, of the intended buffer. CVE

History of changes

Date Event
2019-09-25 13:21
2019-09-24 20:15

New CVE