CVE-2019-10050
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control flow, such that the condition to leave the loop is true. After leaving the loop, the network packet has a length of 2 bytes. There is no validation of this length. Later on, the code tries to read at an empty position, leading to a crash.
Se descubrió un problema de sobrelectura de búfer en Suricata, versiones 4.1.x anteriores a 4.1.4. Si la entrada de la función decode-mpls.c DecodeMPLS está compuesta sólo por un paquete de dirección de origen y dirección de destino más el campo de tipo correcto y el número correcto de shim, un atacante puede manipular el flujo de control, de tal forma que la condición para abandonar el bucle sea verdadera. Después de salir del bucle, el paquete de red tiene una longitud de 2 bytes. No hay validación de esta longitud. Más tarde, el código intenta leer en una posición vacía, provocando un fallo.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-03-25 CVE Reserved
- 2019-05-13 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://lists.openinfosecfoundation.org/pipermail/oisf-announce | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://suricata-ids.org/2019/04/30/suricata-4-1-4-released | 2019-10-24 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Oisf Search vendor "Oisf" | Suricata Search vendor "Oisf" for product "Suricata" | >= 4.0.0 < 4.1.4 Search vendor "Oisf" for product "Suricata" and version " >= 4.0.0 < 4.1.4" | - |
Affected
|