Project

General

Profile

Actions
Copy link

Security #6669

closed

ip defrag: re-assembly error in bsd policy

Added by Jason Ish 8 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Jason Ish
Target version:
8.0.0-beta1
Affected Versions:
6.0.15, 7.0.2
Label:
CVE:
2024-32867
Git IDs:

f1709ea551124e1a64fdc509993ad022ab27aa77

Severity:
MODERATE
Disclosure Date:

Description

Given a subsequent fragment that starts before an original fragment, and overlaps the beginning of the original fragment, Suricata has been preferring the data from the original fragment.

However, per the Novak-Sturges paper, the original fragment data should only be preferred if it has an offset <= to the new fragment.

Fix is to use the data from the new fragment if it has an offset less than the offset of the original fragment.

This is covered in the test bsd/peose/test9.

Subtasks 2 (0 open2 closed)

Security #6670: ip defrag: re-assembly error in bsd policy (6.0.x backport)ClosedJason IshActions
Security #6672: ip defrag: re-assembly error in bsd policy (7.0.x backport)ClosedJason IshActions
Actions
Copy link
 #1

Updated by OISF Ticketbot 8 months ago

  • Subtask #6670 added
Actions
Copy link
 #2

Updated by OISF Ticketbot 8 months ago

  • Label deleted (Needs backport to 6.0)
Actions
Copy link
 #3

Updated by OISF Ticketbot 8 months ago

  • Subtask #6672 added
Actions
Copy link
 #4

Updated by OISF Ticketbot 8 months ago

  • Label deleted (Needs backport to 7.0)
Actions
Copy link
 #5

Updated by Jason Ish 8 months ago

  • Status changed from New to In Review
Actions
Copy link
 #6

Updated by Jason Ish 5 months ago

  • Status changed from In Review to Resolved
Actions
Copy link
 #7

Updated by Jason Ish 5 months ago

  • Status changed from Resolved to In Review
Actions
Copy link
 #8

Updated by Victor Julien 5 months ago

  • CVE set to 2024-32867
Actions
Copy link
 #9

Updated by Victor Julien 5 months ago

  • Status changed from In Review to Closed
  • Git IDs updated (diff)
Actions
Copy link
 #11

Updated by Victor Julien 4 months ago

Credits: PhD thesis work from Lucas Aubard supervised by Johan Mazel, Gilles Guette and Pierre Chifflier

Actions
Copy link

Also available in: Atom PDF