Project

General

Profile

Actions
Copy link

Security #6931

closed
OT PA

Security #6902: base64: off-by-three overflow in DecodeBase64()

base64: off-by-three overflow in DecodeBase64() (6.0.x backport)

Security #6931: base64: off-by-three overflow in DecodeBase64() (6.0.x backport)

Added by OISF Ticketbot almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
6.0.19
Affected Versions:
Label:
CVE:
2024-32664
Git IDs:
Severity:
CRITICAL
Disclosure Date:

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #1

  • Severity changed from MODERATE to CRITICAL

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #2

Severity is critical in master6, and not in later branches, because the limited overflow can overwrite different fields (in the case suricata was not built with NSS) and these fields which get used in the default configuration

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #3

  • Status changed from Assigned to Resolved

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #4

  • CVE set to 2024-32664

VJ Updated by Victor Julien almost 2 years ago Actions
Copy link
 #5

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: PDF Atom