Software: Suricata, v. 4.1.4
Language: C
Risk: medium / high
Type: heap buffer overflow (logic bug)

Description: This bug was found by libFuzzer. When multiple fragmented IPv4 packets are sent, the function "Defrag4Reassemble(..)" tries to access a memory region that is not allocated. The function "Defrag4Reassemble(..)" doesn't have a header_len check.

Status: published
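
The description above attributes the overflow to a missing header_len check during IPv4 fragment reassembly. The following is an added, simplified illustration and not Suricata's code: `struct frag`, `frag_copy_checked`, `run_case` and the buffer sizes are hypothetical, and the input headers are constructed. It shows the length validation a reassembler needs before copying a fragment's payload.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fragment record: captured bytes starting at the IPv4 header. */
struct frag { const uint8_t *pkt; size_t caplen; };

/* Copy one fragment's payload to its offset in out[0..outcap).
 * Returns 0 on success, -1 if a length field disagrees with the bytes held. */
int frag_copy_checked(const struct frag *f, uint8_t *out, size_t outcap)
{
    if (f->caplen < 20 || (f->pkt[0] >> 4) != 4) return -1;
    size_t hlen = (size_t)(f->pkt[0] & 0x0f) * 4;      /* IHL, in 32-bit words */
    if (hlen < 20 || hlen > f->caplen) return -1;      /* header length check */
    size_t total = ((size_t)f->pkt[2] << 8) | f->pkt[3];
    if (total < hlen || total > f->caplen) return -1;  /* total length check */
    size_t off = ((((size_t)f->pkt[6] & 0x1f) << 8) | f->pkt[7]) * 8;
    size_t dlen = total - hlen;                        /* cannot wrap: total >= hlen */
    if (off > outcap || dlen > outcap - off) return -1; /* destination bounds */
    memcpy(out + off, f->pkt + hlen, dlen);
    return 0;
}

/* Constructed input: build a fragment header with the given fields and feed it
 * through the checked copy. caplen <= 64 and outcap <= 128 are assumed. */
int run_case(unsigned ihl_words, unsigned total, unsigned off8,
             size_t caplen, size_t outcap)
{
    static uint8_t pkt[64], out[128];
    memset(pkt, 0xAA, sizeof pkt);
    pkt[0] = (uint8_t)(0x40 | (ihl_words & 0x0f));
    pkt[2] = (uint8_t)(total >> 8);
    pkt[3] = (uint8_t)total;
    pkt[6] = (uint8_t)((off8 >> 8) & 0x1f);
    pkt[7] = (uint8_t)off8;
    struct frag f = { pkt, caplen };
    return frag_copy_checked(&f, out, outcap);
}

int main(void)
{
    printf("well-formed fragment:      %d\n", run_case(5, 28, 0, 28, 128));
    printf("IHL below 20 bytes:        %d\n", run_case(4, 28, 0, 28, 128));
    printf("IHL beyond captured bytes: %d\n", run_case(15, 28, 0, 28, 128));
    printf("total length below IHL:    %d\n", run_case(6, 20, 0, 28, 128));
    printf("offset past the buffer:    %d\n", run_case(5, 28, 16, 28, 128));
    return 0;
}
```

Without the header length and total length checks, `total - hlen` can wrap to a very large `size_t` and the copy reads and writes outside the allocated buffers.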