Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-10050

Опубликовано: 13 мая 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control flow, such that the condition to leave the loop is true. After leaving the loop, the network packet has a length of 2 bytes. There is no validation of this length. Later on, the code tries to read at an empty position, leading to a crash.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

not-affected

1:4.1.4-1
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needed

esm-apps/jammy

not-affected

1:4.1.4-1
esm-apps/noble

not-affected

1:4.1.4-1
esm-apps/xenial

needed

esm-infra-legacy/trusty

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 67%
0.00536
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-10050

CVSS3: 7.5
nvd
больше 6 лет назад

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control flow, such that the condition to leave the loop is true. After leaving the loop, the network packet has a length of 2 bytes. There is no validation of this length. Later on, the code tries to read at an empty position, leading to a crash.

debian логотип

CVE-2019-10050

CVSS3: 7.5
debian
больше 6 лет назад

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4 ...

github логотип

GHSA-25q8-m23x-4242

CVSS3: 7.5
github
больше 3 лет назад

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control flow, such that the condition to leave the loop is true. After leaving the loop, the network packet has a length of 2 bytes. There is no validation of this length. Later on, the code tries to read at an empty position, leading to a crash.

EPSS

Процентиль: 67%
0.00536
Низкий

5 Medium

CVSS2

7.5 High

CVSS3