Security #6444

closed

http1: quadratic complexity from infinite folded headers

Added by Philippe Antoine 6 months ago. Updated about 1 month ago.

Status: Closed
Priority: Normal
Target version:
Affected Versions:
Label:
Git IDs: 20ac301d801cdf01b3f021cca08a22a87f477c4a
Severity: CRITICAL
Disclosure Date: 01/24/2024

Description

Found by oss-fuzz with quadfuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63600&q=label%3AProj-suricata

POC to reproduce is

GET / HTTP/1.1
Host: localhost
Header: a
 b
 b
 b
 b

never stopping


Files

lol.pcap (1.11 MB), reproducer, Philippe Antoine, 11/08/2023 08:55 AM
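An added illustration of the cost behind the report above, not code from Suricata, libhtp or the reporter. It assumes (the ticket does not say) that each folded line makes the parser rebuild the whole header value, counts the bytes copied, and shows a cap on folded lines bounding the work; `make_folded`, `unfold` and the cap of 64 are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed input modelled on the PoC: "Header: a" plus n folded " b" lines. */
char *make_folded(size_t n) {
    char *s = malloc(10 + 3 * n + 1), *p = s;   /* 10 = strlen("Header: a\n") */
    if (!s) return NULL;
    p += sprintf(p, "Header: a\n");
    for (size_t i = 0; i < n; i++) p += sprintf(p, " b\n");
    return s;
}

/* Unfold one header; each line rebuilds the value (assumed cost model).
 * max_folds == 0 means no limit. Returns folds, or -1 once the cap is hit. */
long unfold(const char *in, size_t max_folds, size_t *copied) {
    char *val = NULL;
    size_t len = 0;
    long folds = -1;                          /* the first line is not a fold */
    *copied = 0;
    while (*in) {
        size_t n = strcspn(in, "\n");
        if (folds >= 0 && *in != ' ' && *in != '\t') break;   /* next header */
        if (max_folds && folds >= 0 && (size_t)folds >= max_folds) {
            free(val); return -1;             /* reject: too many folded lines */
        }
        char *next = malloc(len + n + 1);
        if (!next) { free(val); return -1; }
        if (len) memcpy(next, val, len);      /* re-copies every earlier byte */
        memcpy(next + len, in, n);
        *copied += len + n;
        len += n;
        free(val);
        val = next;
        folds++;
        in += n + (in[n] == '\n');
    }
    free(val);
    return folds;
}

int main(void) {
    size_t c1, c2, c3;
    char *a = make_folded(1000), *b = make_folded(2000);
    if (!a || !b) return 1;
    long r1 = unfold(a, 0, &c1), r2 = unfold(b, 0, &c2), r3 = unfold(b, 64, &c3);
    printf("%ld folds: %zu B; %ld folds: %zu B; capped: %ld after %zu B\n", r1, c1, r2, c2, r3, c3);
    free(a); free(b); return 0;
}
```

Doubling the number of folded lines roughly quadruples the bytes copied in the unlimited case, while the capped call stops after a fixed amount of work regardless of input length.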

Subtasks 2 (0 open, 2 closed)

Security #6528: http1: quadratic complexity from infinite folded headers (6.0.x backport), Closed, Philippe Antoine
Security #6533: http1: quadratic complexity from infinite folded headers (7.0.x backport), Closed, Philippe Antoine