Описание
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 1:4.1.4-1 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/jammy | not-affected | 1:4.1.4-1 |
| esm-apps/noble | not-affected | 1:4.1.4-1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow.
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input o ...
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow.
7.5 High
CVSS2
9.8 Critical
CVSS3