Actions
Security #5686
closeddecoder/tunnel: tunnel depth not limited properly
Affected Versions:
Label:
CVE:
Git IDs:
03d049dadce71b5e751dddd3bfddd3a2ccf7a21d
Severity:
HIGH
Disclosure Date:
Description
Stacking many layers of IPv4 in IPv4, IPv6 over IPv4, etc results in severe performance degradation, possibly other problems.
Some of these layers will get their own flow tracking, so a single packet might create many flows, each leading to locking overhead, timeout handling, eve.flow records, etc.
Updated by Victor Julien about 2 years ago
- Label deleted (
Needs backport to 6.0)
Updated by Victor Julien about 2 years ago
- Status changed from In Progress to In Review
Updated by Victor Julien about 2 years ago
- Status changed from In Review to Closed
- Git IDs updated (diff)
Actions