CVE-2019-10056
https://notcve.org/view.php?id=CVE-2019-10056
An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such that the function DecodeEthernet in decode-ethernet.c is executed a second time. At this point, the algorithm cuts the first part of the packet and doesn't determine the current length. Specifically, if the packet is exactly 28 long, in the first iteration it subtracts 14 bytes. Then, it is working with a packet length of 14. • https://redmine.openinfosecfoundation.org/issues/2946 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-787: Out-of-bounds Write •
CVE-2019-10054
https://notcve.org/view.php?id=CVE-2019-10054
An issue was discovered in Suricata 4.1.3. The function process_reply_record_v3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file. Se descubrió un problema en Suricata 4.1.3. La función process_reply_record_v3 carece de una verificación para la longitud de reply.data. • https://redmine.openinfosecfoundation.org/issues/2943 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-20: Improper Input Validation CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2019-10052
https://notcve.org/view.php?id=CVE-2019-10052
An issue was discovered in Suricata 4.1.3. If the network packet does not have the right length, the parser tries to access a part of a DHCP packet. At this point, the Rust environment runs into a panic in parse_clientid_option in the dhcp/parser.rs file. Se descubrió un problema en Suricata 4.1.3. Si el paquete de red no tiene la longitud correcta, el analizador intenta acceder a una parte de un paquete DHCP. • https://redmine.openinfosecfoundation.org/issues/2902 https://redmine.openinfosecfoundation.org/issues/2947 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-707: Improper Neutralization •
CVE-2019-10051
https://notcve.org/view.php?id=CVE-2019-10051
An issue was discovered in Suricata 4.1.3. If the function filetracker_newchunk encounters an unsafe "Some(sfcm) => { ft.new_chunk }" item, then the program enters an smb/files.rs error condition and crashes. Se descubrió un problema en Suricata 4.1.3. Si la función filetracker_newchunk encuentra un elemento inseguro "Some (sfcm) => {ft.new_chunk}", el programa ingresa una condición de error smb / files.rs y se bloquea. • https://github.com/OISF/suricata/pull/3734 https://redmine.openinfosecfoundation.org/issues/2896 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2019-10053
https://notcve.org/view.php?id=CVE-2019-10053
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow. Se descubrió un problema en Suricata versión 4.1.x anterior a la 4.1.4. Si la entrada de la función SSHParseBanner está compuesta sólo por un carácter, entonces el programa se ejecuta en una sobrelectura de búfer basada en pilas. • https://lists.openinfosecfoundation.org/pipermail/oisf-announce https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •