Project

General

Profile

Actions
Copy link

Bug #4387

closed
PA PA

Heap-use-after-free READ 8 · JsonDNP3LoggerToClient

Bug #4387: Heap-use-after-free READ 8 · JsonDNP3LoggerToClient

Added by Philippe Antoine about 5 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
7.0.0-beta1
Affected Versions:
6.0.2
Effort:
Difficulty:
Label:
Needs backport, Needs backport to 6.0

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31549

Use after realloc
DNP3 seems the only one to use OutputJsonBuilderBuffer dangerously

Related issues 1 (0 open1 closed)

Copied to Suricata - Security #4420: Heap-use-after-free READ 8 · JsonDNP3LoggerToClientClosedJason IshActions

PA Updated by Philippe Antoine about 5 years ago Actions
Copy link
 #1

  • Status changed from New to In Review

Gitlab MR

JL Updated by Jeff Lucovsky about 5 years ago Actions
Copy link
 #2

  • Copied to Security #4420: Heap-use-after-free READ 8 · JsonDNP3LoggerToClient added

VJ Updated by Victor Julien over 4 years ago Actions
Copy link
 #4

  • Private changed from Yes to No
Actions
Copy link

Also available in: PDF Atom