Bug #6553: eve/alert: payload/payload_printable misrepresent data in case of overlaps - Suricata - Open Information Security Foundation

Actions

Bug #6553

open

eve/alert: payload/payload_printable misrepresent data in case of overlaps

Added by Victor Julien 5 months ago. Updated 14 days ago.

Status:

Resolved

Priority:

High

Assignee:

Target version:

Affected Versions:

Effort:

Difficulty:

Label:

Description

In certain TCP segment overlap scenarios the payload/payload_printable fields contain partly duplicate data essentially corrupting the data.

Subtasks 2 (1 open — 1 closed)

Actions

#1

Updated by OISF Ticketbot 5 months ago

Subtask #6554 added

Actions

#2

Updated by OISF Ticketbot 5 months ago

Label deleted (~~Needs backport to 6.0~~)

Actions

#3

Updated by OISF Ticketbot 5 months ago

Subtask #6555 added

Actions

#4

Updated by OISF Ticketbot 5 months ago

Label deleted (~~Needs backport to 7.0~~)

Actions

#5

Updated by Victor Julien 5 months ago

Status changed from In Progress to In Review

https://github.com/OISF/suricata/pull/9854

Actions

#6

Updated by Victor Julien about 1 month ago

Status changed from In Review to Resolved

https://github.com/OISF/suricata/pull/10592

Actions

Also available in: Atom PDF