An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-09-24T19:20:11

Updated: 2024-08-05T00:56:22.166Z

Reserved: 2019-08-27T00:00:00

Link: CVE-2019-15699

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-09-24T20:15:11.810

Modified: 2024-11-21T04:29:16.923

Link: CVE-2019-15699

cve-icon Redhat

No data.