PT-2019-11404 · Open Information Security Foundation · Suricata

Published: 2019-05-13 · Updated: 2025-07-28 · CVE-2019-10053

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Suricata versions 4.1.x through 4.1.3
Description: When the input to the function SSHParseBanner consists only of a \n character, a heap-based buffer over-read occurs. The cause is an erroneous search for \r that results in an integer underflow.
Recommendations: For Suricata versions 4.1.x through 4.1.3, update to version 4.1.4 or later to resolve the issue.
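
The bug class in the description, as an added illustration that is not Suricata's code: an unsigned "step back to the \r" that wraps when nothing precedes the \n, next to a checked form. The function names and the sample input are hypothetical, and the flawed helper only computes the index it would read, so nothing is dereferenced out of bounds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers illustrating the bug class; not Suricata's code. */

/* Flawed: returns the index it would read to test for '\r' before '\n'.
 * It never checks that any byte precedes the '\n'. Returns 0 if no '\n'. */
static uint32_t cr_index_flawed(const uint8_t *in, uint32_t in_len)
{
    const uint8_t *nl = memchr(in, '\n', in_len);
    if (nl == NULL)
        return 0;
    uint32_t end = (uint32_t)(nl - in); /* 0 when the input is just "\n" */
    return end - 1;                     /* unsigned wrap to UINT32_MAX */
}

/* Checked: writes the banner length (line terminator stripped) to *out.
 * Returns 0 on success, -1 if no complete line is present. */
static int banner_len_checked(const uint8_t *in, uint32_t in_len, uint32_t *out)
{
    const uint8_t *nl = memchr(in, '\n', in_len);
    if (nl == NULL)
        return -1;
    uint32_t end = (uint32_t)(nl - in);
    if (end > 0 && in[end - 1] == '\r') /* look back only when a byte exists */
        end--;
    *out = end;
    return 0;
}

int main(void)
{
    const uint8_t lone_nl[] = { '\n' }; /* constructed input: a bare newline */
    uint32_t n = 0;

    printf("flawed index: %u\n", (unsigned)cr_index_flawed(lone_nl, 1));
    if (banner_len_checked(lone_nl, 1, &n) == 0)
        printf("checked length: %u\n", (unsigned)n);
    return 0;
}
```

Any index or length derived from the flawed value lies far outside a one-byte buffer, which is how an underflow of this kind turns into an over-read.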

Fix

Out of bounds Read

Integer Underflow


Weakness Enumeration

Related Identifiers

CVE-2019-10053
OPENSUSE-SU-2025:15394-1

Affected Products

Suricata