CVE-2019-15699

Name of the Vulnerable Software and Affected Versions Suricata version 4.1.4

Description An issue was discovered in the app-layer-ssl.c component. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions attempts to access a memory region that is not allocated. This occurs because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet.

Recommendations For Suricata version 4.1.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.