Actions
Security #6195
closedprocess exit in hyperscan error handling
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
HIGH
Disclosure Date:
Description
A malformed rule can cause the process to exit due to hyperscan integration triggering a fatal error if hyperscan can't compile a pattern.
This can happen during a rule upgrade, which would exit the process. The process could then not start back up again until the offending rule is removed.
The issue would be mitigated by using a "test" step in the rule upgrade process. In this case the ruleset update would be rejected.
Updated by Victor Julien over 1 year ago
- Related to Security #6122: lua: flag to disable lua support added
Updated by Victor Julien over 1 year ago
- Status changed from New to In Progress
- Assignee changed from OISF Dev to Victor Julien
Updated by Victor Julien over 1 year ago
- Target version changed from 7.0.0 to 7.0.1
Updated by Jeff Lucovsky over 1 year ago
I'll take a look at this; can you share the rule that causes hs compilation to fail?
Updated by Victor Julien over 1 year ago
- Status changed from In Progress to In Review
Updated by Victor Julien over 1 year ago
- Status changed from In Review to Resolved
Updated by Victor Julien over 1 year ago
- Status changed from Resolved to Closed
Actions