Project

General

Profile

Actions

Security #4420

closed

Heap-use-after-free READ 8 · JsonDNP3LoggerToClient

Added by Jeff Lucovsky over 3 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
Disclosure Date:

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31549

Use after realloc
DNP3 seems the only one to use OutputJsonBuilderBuffer dangerously


Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #4387: Heap-use-after-free READ 8 · JsonDNP3LoggerToClientClosedPhilippe AntoineActions
Actions #1

Updated by Jeff Lucovsky over 3 years ago

  • Copied from Bug #4387: Heap-use-after-free READ 8 · JsonDNP3LoggerToClient added
Actions #2

Updated by Jason Ish over 3 years ago

The commit's to master are not applicable to 6.0 as master was fixed due to some other refactoring. For 6.0.x we can use Philippe's original fix for this issue:

https://gitlab.oisf.net/dev/suricata/-/merge_requests/184/diffs?commit_id=29337c81b072e8c6e23c4926e2d819eeb75ceb32

Actions #4

Updated by Jason Ish over 3 years ago

  • Status changed from Assigned to In Review
Actions #5

Updated by Shivani Bhardwaj over 3 years ago

  • Assignee changed from Shivani Bhardwaj to Jason Ish
Actions #6

Updated by Victor Julien over 3 years ago

  • Tracker changed from Bug to Security
Actions #7

Updated by Victor Julien over 3 years ago

  • Status changed from In Review to Closed
Actions #8

Updated by Victor Julien over 3 years ago

  • Private changed from Yes to No
Actions

Also available in: Atom PDF