Project

General

Profile

Actions
Copy link

Bug #6846

closed
PA PA

eve/alerts: wrongly using tx id 0 when there is no tx

Bug #6846: eve/alerts: wrongly using tx id 0 when there is no tx

Added by Philippe Antoine about 2 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
8.0.0-beta1
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64345&q=label%3AProj-suricata&can=2

cf #6770

This leads to quadratic complexity arbitrary length value being logged an arbitrary number of times because we lof tx id 0 data when there is no data

Subtasks 2 (0 open2 closed)

Bug #6847: alerts: wrongly using tx id 0 when there is no tx (6.0.x backport)RejectedActions
Bug #6848: alerts: wrongly using tx id 0 when there is no tx (7.0.x backport)ClosedPhilippe AntoineActions

Related issues 4 (0 open4 closed)

Related to Suricata - Security #6770: log: arbitrary-length value can be loggedClosedOISF DevActions
Related to Suricata - Security #6900: http2: timeout logging headersClosedPhilippe AntoineActions
Related to Suricata - Bug #6973: detect: log relevant frames app-layer metdataClosedPhilippe AntoineActions
Related to Suricata - Task #7350: firewall usecase: log app-layer metadata for for catch-all drop rulesClosedOISF DevActions

PA Updated by Philippe Antoine about 2 years ago Actions
Copy link
 #1

  • Related to Security #6770: log: arbitrary-length value can be logged added

OT Updated by OISF Ticketbot about 2 years ago Actions
Copy link
 #2

  • Subtask #6847 added

OT Updated by OISF Ticketbot about 2 years ago Actions
Copy link
 #3

  • Label deleted (Needs backport to 6.0)

OT Updated by OISF Ticketbot about 2 years ago Actions
Copy link
 #4

  • Subtask #6848 added

OT Updated by OISF Ticketbot about 2 years ago Actions
Copy link
 #5

  • Label deleted (Needs backport to 7.0)

PA Updated by Philippe Antoine about 2 years ago Actions
Copy link
 #6

  • Status changed from New to In Review

Gitlab MR

VJ Updated by Victor Julien about 2 years ago Actions
Copy link
 #7

  • Tracker changed from Security to Bug
  • Severity deleted (HIGH)
  • Disclosure Date deleted (02/19/2024)

PA Updated by Philippe Antoine about 2 years ago Actions
Copy link
 #8

PA Updated by Philippe Antoine about 2 years ago Actions
Copy link
 #10

  • Status changed from In Review to Resolved

PA Updated by Philippe Antoine about 2 years ago Actions
Copy link
 #12

Still https://github.com/OISF/suricata/pull/10924 to complete first merge

JF Updated by Juliana Fajardini Reichow about 2 years ago Actions
Copy link
 #13

  • Related to Bug #6973: detect: log relevant frames app-layer metdata added

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #14

  • Status changed from Resolved to Closed

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #15

  • Private changed from Yes to No

JI Updated by Jason Ish over 1 year ago Actions
Copy link
 #16

  • Related to Task #7350: firewall usecase: log app-layer metadata for for catch-all drop rules added

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
 #17

  • Subject changed from alerts: wrongly using tx id 0 when there is no tx to eve/alerts: wrongly using tx id 0 when there is no tx
Actions
Copy link

Also available in: PDF Atom