Project

General

Profile

Actions

Security #1880

closed

icmpv4 error packets can lead to missed detection in tcp/udp

Added by Victor Julien about 5 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
High
Assignee:
Target version:
Affected Versions:
Label:
Git IDs:

6b078e4f51800ac4cba3660dedfe210474491bc6

Severity:

Description

If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection.

Actions #1

Updated by Victor Julien about 5 years ago

  • Status changed from Assigned to Closed
Actions #2

Updated by Victor Julien about 1 year ago

  • Tracker changed from Bug to Security
  • CVE set to 2016-10728
  • Git IDs updated (diff)
Actions

Also available in: Atom PDF