Actions
Bug #6846
closedalerts: wrongly using tx id 0 when there is no tx
Affected Versions:
Effort:
Difficulty:
Label:
Description
Found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64345&q=label%3AProj-suricata&can=2
cf #6770
This leads to quadratic complexity arbitrary length value being logged an arbitrary number of times because we lof tx id 0 data when there is no data
Updated by Victor Julien 8 months ago
- Tracker changed from Security to Bug
- Severity deleted (
HIGH) - Disclosure Date deleted (
02/19/2024)
Updated by Philippe Antoine 8 months ago
- Related to Security #6900: http2: timeout logging headers added
Updated by Philippe Antoine 7 months ago
Updated by Philippe Antoine 7 months ago
- Status changed from In Review to Resolved
Updated by Philippe Antoine 7 months ago
Updated by Philippe Antoine 7 months ago
Still https://github.com/OISF/suricata/pull/10924 to complete first merge
Updated by Juliana Fajardini Reichow 7 months ago
- Related to Bug #6973: detect: log relevant frames app-layer metdata added
Updated by Philippe Antoine 6 months ago
- Status changed from Resolved to Closed
Updated by Jason Ish 21 days ago
- Related to Task #7350: firewall usecase: log app-layer metadata for for catch-all drop rules added
Actions