Candidate: CVE-2019-16411
PublicDate: 2019-09-24 20:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16411
 https://suricata-ids.org/2019/09/24/suricata-4-1-5-released/
Description:
 An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets
 that have invalid IPv4Options, the function IPV4OptValidateTimestamp in
 decode-ipv4.c tries to access a memory region that is not allocated. There
 is a check for o->len < 5 (corresponding to 2 bytes of header and 3 bytes
 of data). Then, "flag = *(o->data + 3)" places one beyond the 3 bytes,
 because the code should have been "flag = *(o->data + 1)" instead.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_suricata:
upstream_suricata: released (1:4.1.5-1)
precise/esm_suricata: DNE
trusty_suricata: ignored (out of standard support)
trusty/esm_suricata: DNE
xenial_suricata: ignored (end of standard support, was needs-triage)
bionic_suricata: needs-triage
focal_suricata: DNE
groovy_suricata: DNE
hirsute_suricata: DNE
impish_suricata: DNE
jammy_suricata: not-affected (1:4.1.5-1)
devel_suricata: not-affected (1:4.1.5-1)