An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-24T19:20:11
Updated: 2024-08-05T00:56:22.166Z
Reserved: 2019-08-27T00:00:00
Link: CVE-2019-15699
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-24T20:15:11.810
Modified: 2024-11-21T04:29:16.923
Link: CVE-2019-15699
Redhat
No data.