Bug #4530: DOS Quadratic complexity when having too many transactions - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #4530

closed

PA PA

DOS Quadratic complexity when having too many transactions

Bug #4530: DOS Quadratic complexity when having too many transactions

Added by Philippe Antoine almost 5 years ago. Updated about 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

7.0.0-beta1

Affected Versions:

6.0.2

Effort:

Difficulty:

Label:

Description

Kind of found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35195

This is true for protocols such as MQTT, Modbus or HTTP2, where each packet/PDU has a transaction identifier (called stream for HTTP2), and we loop over our whole list of transactions to find the right one.
Attack si to start many requests, and do not finish them, so that Suricata keeps them.

There may be more protocols

Related issues 2 (0 open — 2 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Bug #4530

DOS Quadratic complexity when having too many transactions

PA Updated by Philippe Antoine almost 5 years ago Actions
Copy link
#1

PA Updated by Philippe Antoine almost 5 years ago Actions
Copy link
#2

PA Updated by Philippe Antoine over 4 years ago Actions
Copy link
#3

PA Updated by Philippe Antoine over 4 years ago Actions
Copy link
#4

PA Updated by Philippe Antoine over 4 years ago Actions
Copy link
#5

SB Updated by Shivani Bhardwaj about 4 years ago Actions
Copy link
#6

PA Updated by Philippe Antoine about 4 years ago Actions
Copy link
#7

PA Updated by Philippe Antoine about 4 years ago Actions
Copy link
#8

PA Updated by Philippe Antoine almost 4 years ago Actions
Copy link
#9

	Related to Suricata - Task #4721: http2: enable by default	Closed	Philippe Antoine	Actions
	Related to Suricata - Security #5399: mqtt: DOS by quadratic with too many transactions in one parse	Closed	OISF Dev	Actions

Project

General

Profile

Suricata

Custom queries

Bug #4530

DOS Quadratic complexity when having too many transactions

PA Updated by Philippe Antoine almost 5 years ago ActionsCopy link #1

PA Updated by Philippe Antoine almost 5 years ago ActionsCopy link #2

PA Updated by Philippe Antoine over 4 years ago ActionsCopy link #3

PA Updated by Philippe Antoine over 4 years ago ActionsCopy link #4

PA Updated by Philippe Antoine over 4 years ago ActionsCopy link #5

SB Updated by Shivani Bhardwaj about 4 years ago ActionsCopy link #6

PA Updated by Philippe Antoine about 4 years ago ActionsCopy link #7

PA Updated by Philippe Antoine about 4 years ago ActionsCopy link #8

PA Updated by Philippe Antoine almost 4 years ago ActionsCopy link #9

PA Updated by Philippe Antoine almost 5 years ago Actions
Copy link
#1

PA Updated by Philippe Antoine almost 5 years ago Actions
Copy link
#2

PA Updated by Philippe Antoine over 4 years ago Actions
Copy link
#3

PA Updated by Philippe Antoine over 4 years ago Actions
Copy link
#4

PA Updated by Philippe Antoine over 4 years ago Actions
Copy link
#5

SB Updated by Shivani Bhardwaj about 4 years ago Actions
Copy link
#6

PA Updated by Philippe Antoine about 4 years ago Actions
Copy link
#7

PA Updated by Philippe Antoine about 4 years ago Actions
Copy link
#8

PA Updated by Philippe Antoine almost 4 years ago Actions
Copy link
#9