|Software: suricata, v. 4.1.4|
|Risk: medium / high|
|Type: heap buffer overflow (logics bug)|
Description: This bug was found by libFuzzer. While sending multiple IPv4 packets with invalid IPv4 options, the function "IPV4OptValidateTimestamp(...)" tried to access a memory region that was not allocated. The length check is o->len < 5, so an option of length 5 consists of a 2-byte header and 3 bytes of data. The code then reads the flag with *(o->data + 3), which is beyond those 3 bytes; the code should actually not do the +3, but a +1.
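As an added illustration, not Suricata's code: a hardened validator that funnels every read of the option body through a bounds check and takes the flag from data + 1. The option struct, function names and sample bytes are assumptions modelled on the description above.

```c
#include <stddef.h>
#include <stdint.h>
#define IPV4_OPT_TS     0x44   /* RFC 791 timestamp option type */
#define IPV4_OPT_TS_MIN 5      /* the "len < 5" check: type, len, pointer, oflw/flg, 1 byte */
/* Hypothetical option view modelled on the bug description: data points just past the
 * 2-byte header, so only (len - 2) bytes may be read through it. */
typedef struct { uint8_t type; uint8_t len; const uint8_t *data; } IPv4Opt;
/* Parse one option out of pkt; reject a length field claiming bytes the packet lacks. */
int ipv4_opt_parse(const uint8_t *pkt, size_t pkt_len, IPv4Opt *o) {
    if (pkt_len < 2) return -1;
    o->type = pkt[0];
    o->len = pkt[1];
    if (o->len < 2 || o->len > pkt_len) return -1;
    o->data = pkt + 2;
    return 0;
}
/* Every read of the option body goes through this check; the bug was a bare
 * *(o->data + 3), which the len < 5 test alone cannot keep inside the buffer. */
int ipv4_opt_byte_at(const IPv4Opt *o, size_t off, uint8_t *out) {
    if (off >= (size_t)o->len - 2) return -1;
    *out = o->data[off];
    return 0;
}

/* Hardened timestamp validation: pointer is data[0], the oflw/flag byte is data[1]. */
int ipv4_opt_validate_timestamp(const IPv4Opt *o) {
    uint8_t ptr, flag;
    if (o->type != IPV4_OPT_TS || o->len < IPV4_OPT_TS_MIN || o->data == NULL) return -1;
    if (ipv4_opt_byte_at(o, 0, &ptr) != 0 || ptr < 5) return -2;   /* RFC 791: pointer >= 5 */
    if (ipv4_opt_byte_at(o, 1, &flag) != 0) return -3;
    flag &= 0x0f;
    return (flag == 0 || flag == 1 || flag == 3) ? 0 : -3;          /* RFC 791 flag values */
}

/* Parse-and-validate wrapper; n is the number of bytes really present in the packet. */
int ts_check_bytes(const uint8_t *pkt, size_t n) {
    IPv4Opt o;
    return ipv4_opt_parse(pkt, n, &o) == 0 ? ipv4_opt_validate_timestamp(&o) : -1;
}
/* 0 if data[off] lies inside the option, -1 if that read would overrun (the +3 case). */
int ts_read_in_bounds(const uint8_t *pkt, size_t n, size_t off) {
    IPv4Opt o; uint8_t b;
    return ipv4_opt_parse(pkt, n, &o) == 0 ? ipv4_opt_byte_at(&o, off, &b) : -1;
}
/* Constructed samples: shortest timestamp option (len 5, three data bytes), one with a
 * bad pointer, and one whose length field claims more than the packet holds. */
const uint8_t sample_min_ts[5]  = {0x44, 0x05, 0x05, 0x00, 0x00};
const uint8_t sample_bad_ptr[5] = {0x44, 0x05, 0x04, 0x00, 0x00};
const uint8_t sample_bad_len[3] = {0x44, 0x09, 0x05};
```

On the minimal option the +3 read is rejected while the +1 read succeeds, which is exactly the gap the len < 5 check leaves open.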
Where do CVEs come from
CVEs (Common Vulnerabilities and Exposures) are a standardized naming scheme for publicly known security vulnerabilities. The MITRE corporation developed this system in 1999 with the objective of establishing a single industry standard, which is now used by the majority of companies. Prior to CVEs, each security vendor had its own database and classification system for the numerous vulnerabilities. For this reason, it was often very challenging for customers to exchange security information between different tools and services. The CVE system standardized all of these into one identifier per bug. The MITRE corporation's CVE dictionary is widely recognized in the IT security world.
Why You Should Implement Modern Fuzz Testing
Modern or feedback-based fuzzing is revolutionizing the software testing business. Our testing platform CI Fuzz randomly creates inputs, which it then feeds into the system under test. During this process it collects coverage feedback, which it uses to generate new inputs that cover even more code of that system. Thanks to its usability features, CI Fuzz enables developers to test their code automatically during development. By enabling developers to run tests on their own projects, CI Fuzz not only finds well-hidden bugs efficiently, it also allows security teams to focus on other issues.
Do you want to find out more about CI Fuzz? Get in touch.