Critical Vulnerability Information Vulnerability Description Vulnerability Name: Potential out of bound read in _nx_ipv4_option_process() Severity: Medium (6.9/10) CVE ID: CVE-2015-55092 CVSS v4 Base Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Confidentiality Impact: Low - Integrity Impact: None - Availability Impact: None Affected and Fixed Versions Affected Versions: <= 6.4.3 Fixed Versions: 6.4.4 Weaknesses CWE-25: Out-of-bounds Read CWE-26: Improper Validation of Array Index Description During processing of IPv4 options, the function may read data beyond its bounds. Specifically, when handling the option, the function reads an additional 3 bytes without performing any boundary checks, potentially leading to an out-of-bounds read. Related Code Snippet