⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2018-18956Improper Restriction of Operations within the Bounds of a Memory Buffer in Suricata

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents7 sources
Severity
7.5HIGHNVD
EPSS
1.1%
top 21.53%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
2
Oisf SuricataSuricata-ids Suricata
Timeline
PublishedNov 5
Latest updateMay 13

Description

The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDsuricata-ids/suricata4.0.04.0.6
Debianoisf/suricata< 1:4.0.6-1+3

🔴Vulnerability Details

4
GHSA
GHSA-mhv4-xgrg-gg58: The ProcessMimeEntity function in util-decode-mime2022-05-13
OSV
CVE-2018-18956: The ProcessMimeEntity function in util-decode-mime2018-11-05
CVEList
CVE-2018-18956: The ProcessMimeEntity function in util-decode-mime2018-11-05
VulnCheck
suricata-ids suricata Improper Restriction of Operations within the Bounds of a Memory Buffer2018

📋Vendor Advisories

1
Debian
CVE-2018-18956: suricata - The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0....2018

💬Community

3
Bugzilla
CVE-2018-18956 suricata: Segmentation fault in the ProcessMimeEntity function [fedora-all]2018-11-06
Bugzilla
CVE-2018-18956 suricata: Segmentation fault in the ProcessMimeEntity function2018-11-06
Bugzilla
CVE-2018-18956 suricata: Segmentation fault in the ProcessMimeEntity function [epel-7]2018-11-06
CVE-2018-18956 — Suricata-ids Suricata vulnerability | cvebase