CVE-2019-10051

Published: Aug 28, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An issue was discovered in Suricata 4.1.3. If the function filetracker_newchunk encounters an unsafe "Some(sfcm) => { ft.new_chunk }" item, then the program enters an smb/files.rs error condition and crashes.

Affected (2)

Products: Suricata Ids: Suricata

Suricata Ids

1 product

Suricata

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Suricata Ids Suricata	Version 4.1.3
Suricata Ids Suricata	Version 4.1.4

Related CWEs

CWE-754

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (6)

https://github.com/OISF/suricata/pull/3734

Source: cve@mitre.org

ExploitPatchThird Party Advisory

https://redmine.openinfosecfoundation.org/issues/2896

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://suricata-ids.org/2019/04/30/suricata-4-1-4-released/

Source: cve@mitre.org

Not ApplicableRelease NotesVendor Advisory

https://github.com/OISF/suricata/pull/3734

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

https://redmine.openinfosecfoundation.org/issues/2896

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://suricata-ids.org/2019/04/30/suricata-4-1-4-released/

Source: af854a3a-2127-422b-91ae-364da2661108

Not ApplicableRelease NotesVendor Advisory

Timeline

No history available yet.