PT-2019-14667 · Open Information Security Foundation · Suricata

Published: 2019-09-24 · Updated: 2019-10-02 · CVE-2019-16411

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Suricata version 4.1.4

Description

An issue was discovered where sending multiple IPv4 packets with invalid IPv4Options causes the function IPV4OptValidateTimestamp in decode-ipv4.c to access unallocated memory. This occurs due to an incorrect check and a misplaced pointer operation.

Recommendations

For Suricata version 4.1.4, consider applying a patch to correct the IPV4OptValidateTimestamp function to properly handle IPv4Options, specifically by changing the line flag = *(o->data + 3) to flag = *(o->data + 1) to prevent out-of-bounds access.
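
The offsets in the recommendation, worked through as an added example (not Suricata's code): a stand-alone C validator for the RFC 791 timestamp option that checks the length before reading the flag byte. It assumes the data pointer starts after the type and length bytes, as the offsets in the recommendation imply; the function names and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IPOPT_TS 68   /* RFC 791 Internet Timestamp option type */

/* Assumed layout (not Suricata's struct): opt[0]=type, opt[1]=length,
 * opt[2]=pointer, opt[3]=overflow(4 bits)|flag(4 bits). With a data pointer
 * that starts after type and length, data+1 is opt[3] and data+3 is opt[5]. */

/* Returns 1 if reading data+data_off stays inside an option of opt_len bytes. */
int ts_read_in_bounds(uint8_t opt_len, size_t data_off)
{
    return opt_len >= 2 && data_off < (size_t)(opt_len - 2);
}

/* Validate one timestamp option held in opt[0..avail). 0 = ok, <0 = reject. */
int ts_opt_validate(const uint8_t *opt, size_t avail)
{
    if (avail < 4 || opt[0] != IPOPT_TS)
        return -1;                       /* too short to hold ptr and flag */
    uint8_t len = opt[1], ptr = opt[2];
    if (len < 4 || len > 40 || len > avail)
        return -2;                       /* length field lies about the data */
    uint8_t flag = opt[3] & 0x0f;        /* data+1: always inside len >= 4 */
    size_t rec;
    if (flag == 0) rec = 4;              /* timestamps only */
    else if (flag == 1 || flag == 3) rec = 8;  /* address + timestamp */
    else return -3;
    if (ptr < 5 || ptr > len + 1)
        return -4;                       /* pointer outside the option */
    if ((ptr - 5) % rec != 0 || (len - 4) % rec != 0)
        return -5;                       /* not aligned to whole records */
    return 0;
}

int main(void)
{
    /* Constructed sample options, not captured traffic. */
    const uint8_t ok[]    = {68, 12, 9, 0x00, 0,0,0,1, 0,0,0,0};
    const uint8_t tiny[]  = {68, 4, 5, 0x01};
    const uint8_t trunc[] = {68, 12, 5, 0x00};
    printf("ok=%d tiny=%d trunc=%d\n", ts_opt_validate(ok, sizeof ok),
           ts_opt_validate(tiny, sizeof tiny), ts_opt_validate(trunc, sizeof trunc));
    printf("len=4: data+1 in bounds=%d, data+3 in bounds=%d\n",
           ts_read_in_bounds(4, 1), ts_read_in_bounds(4, 3));
    return 0;
}
```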

Fix

Out of bounds Read

Weakness Enumeration

Related Identifiers

CVE-2019-16411

Affected Products

Suricata