Actions
Security #6195
closed
VJ
VJ
process exit in hyperscan error handling
Security #6195:
process exit in hyperscan error handling
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
HIGH
Disclosure Date:
Description
A malformed rule can cause the process to exit due to hyperscan integration triggering a fatal error if hyperscan can't compile a pattern.
This can happen during a rule upgrade, which would exit the process. The process could then not start back up again until the offending rule is removed.
The issue would be mitigated by using a "test" step in the rule upgrade process. In this case the ruleset update would be rejected.
OT Updated by OISF Ticketbot almost 3 years ago
- Subtask #6196 added
OT Updated by OISF Ticketbot almost 3 years ago
- Label deleted (
Needs backport to 6.0)
VJ Updated by Victor Julien almost 3 years ago
- Related to Security #6122: lua: flag to disable lua support added
VJ Updated by Victor Julien almost 3 years ago
- Status changed from New to In Progress
- Assignee changed from OISF Dev to Victor Julien
VJ Updated by Victor Julien almost 3 years ago
- Target version changed from 7.0.0 to 7.0.1
JL Updated by Jeff Lucovsky over 2 years ago
I'll take a look at this; can you share the rule that causes hs compilation to fail?
VJ Updated by Victor Julien over 2 years ago
I have a fix and test.
VJ Updated by Victor Julien over 2 years ago
- Status changed from In Progress to In Review
VJ Updated by Victor Julien over 2 years ago
- Severity changed from MODERATE to HIGH
VJ Updated by Victor Julien over 2 years ago
- Status changed from In Review to Resolved
VJ Updated by Victor Julien over 2 years ago
- Status changed from Resolved to Closed
VJ Updated by Victor Julien over 2 years ago
- Private changed from Yes to No
Actions