Bug #3941: Multi-byte Heap buffer over-read in ssl parser - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #3941

closed

Multi-byte Heap buffer over-read in ssl parser

Added by Jeff Lucovsky over 3 years ago. Updated over 3 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Shivani Bhardwaj

Target version:

4.1.9

Affected Versions:

6.0.0beta1, 6.0.0rc1

Effort:

Difficulty:

Label:

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24534

Problem is reuse of session_id_length in different contexts : SSLv2 and TLSv1.3

Related issues 1 (0 open — 1 closed)

History
Property changes

Actions

Copy link

Updated by Jeff Lucovsky over 3 years ago

Copied from Bug #3853: Multi-byte Heap buffer over-read in ssl parser added

Actions

Copy link

Updated by Shivani Bhardwaj over 3 years ago

Status changed from Assigned to In Review

Actions

Copy link

Updated by Victor Julien over 3 years ago

Status changed from In Review to Closed

Actions

Copy link

Updated by Victor Julien over 3 years ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #3941

Multi-byte Heap buffer over-read in ssl parser

Updated by Jeff Lucovsky over 3 years ago

Updated by Shivani Bhardwaj over 3 years ago

Updated by Victor Julien over 3 years ago

Updated by Victor Julien over 3 years ago