VYPR
Unrated severityNVD Advisory· Published Sep 24, 2019· Updated Aug 5, 2024

CVE-2019-16411

CVE-2019-16411

Description

An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o->len < 5 (corresponding to 2 bytes of header and 3 bytes of data). Then, "flag = *(o->data + 3)" places one beyond the 3 bytes, because the code should have been "flag = *(o->data + 1)" instead.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Suricata/Suricatadescription
  • Oisf/Suricatallm-fuzzy
    Range: =4.1.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.