CVE-2019-10056

Published: Aug 28, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such that the function DecodeEthernet in decode-ethernet.c is executed a second time. At this point, the algorithm cuts the first part of the packet and doesn't determine the current length. Specifically, if the packet is exactly 28 long, in the first iteration it subtracts 14 bytes. Then, it is working with a packet length of 14. At this point, the case distinction says it is a valid packet. After that it casts the packet, but this packet has no type, and the program crashes at the type case distinction.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://suricata-ids.org/2019/04/30/suricata-4-1-4-released/

x_refsource_CONFIRM

https://redmine.openinfosecfoundation.org/issues/2946

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-10056

Description

Affected Products

References