Security #6481: http2: quadratic complexity in find_or_create_tx not bounded by max-tx - Suricata - Open Information Security Foundation

Issue is about number of transactions created from a single block of data. Since the minimal size to create a tx is small, it can still be a very large number.

Actions

Copy link

Updated by Victor Julien 4 months ago

Label Needs backport to 6.0 added

Actions

Copy link

Updated by OISF Ticketbot 4 months ago

Subtask #6660 added

Actions

Copy link

Updated by OISF Ticketbot 4 months ago

Label deleted (~~Needs backport to 6.0~~)

Actions

Copy link

#10

Updated by Victor Julien 3 months ago

Status changed from In Review to Resolved
CVE set to 2024-23836

Actions

Copy link

#11

Updated by Philippe Antoine 3 months ago

Status changed from Resolved to Closed
Git IDs updated (diff)

Actions

Copy link

#12

Updated by Victor Julien 2 months ago

Private changed from Yes to No

Actions

Copy link

#13

Updated by Victor Julien 2 months ago

https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Security #6481

http2: quadratic complexity in find_or_create_tx not bounded by max-tx

Updated by Philippe Antoine 6 months ago

Updated by Victor Julien 5 months ago

Updated by OISF Ticketbot 5 months ago

Updated by OISF Ticketbot 5 months ago

Updated by Philippe Antoine 4 months ago

Updated by Victor Julien 4 months ago

Updated by Victor Julien 4 months ago

Updated by OISF Ticketbot 4 months ago

Updated by OISF Ticketbot 4 months ago

Updated by Victor Julien 3 months ago

Updated by Philippe Antoine 3 months ago

Updated by Victor Julien 2 months ago

Updated by Victor Julien 2 months ago