Security #7033: http/range: segv when http.memcap is reached (7.0.x backport) - Suricata - Open Information Security Foundation

Actions

Copy link

Security #7033

closed

Security #7029: http/range: segv when http.memcap is reached

http/range: segv when http.memcap is reached (7.0.x backport)

Added by OISF Ticketbot 4 months ago. Updated about 2 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

7.0.6

Affected Versions:

Label:

CVE:

2024-38536

Git IDs:

Severity:

HIGH

Disclosure Date:

Actions

Copy link

Updated by Philippe Antoine 4 months ago

Status changed from Assigned to In Review

https://github.com/OISF/suricata/pull/11114

Actions

Copy link

Updated by Philippe Antoine 4 months ago

Status changed from In Review to Closed

Actions

Copy link

Updated by Jason Ish 3 months ago

Severity changed from MODERATE to CRITICAL

Actions

Copy link

Updated by Victor Julien 2 months ago

Severity changed from CRITICAL to HIGH

HIGH as http.memcap is disabled by default.

Actions

Copy link

Updated by Victor Julien 2 months ago

https://github.com/OISF/suricata/security/advisories/GHSA-j32j-4w6g-94hh

Actions

Copy link

Updated by Juliana Fajardini Reichow 2 months ago

CVE set to 2024-38536

Actions

Copy link

Updated by Victor Julien about 2 months ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Security #7033

http/range: segv when http.memcap is reached (7.0.x backport)

Updated by Philippe Antoine 4 months ago

Updated by Philippe Antoine 4 months ago

Updated by Jason Ish 3 months ago

Updated by Victor Julien 2 months ago

Updated by Victor Julien 2 months ago

Updated by Juliana Fajardini Reichow 2 months ago

Updated by Victor Julien about 2 months ago