Security #7040: defrag: id reuse can lead to invalid reassembly - Suricata - Open Information Security Foundation

Actions

Copy link

Security #7040

closed

defrag: id reuse can lead to invalid reassembly

Added by Victor Julien about 1 year ago. Updated 2 days ago.

Status:

Closed

Priority:

Normal

Assignee:

Victor Julien

Target version:

8.0.0-beta1

Affected Versions:

Label:

CVE:

2024-37151

Git IDs:

Severity:

CRITICAL

Disclosure Date:

Description

When 2 sets of fragments are sent with the same id in quick succession, the 2nd set may reuse the DefragTracker for the first set. This will lead to incorrect reassembly logic. An incomplete packet will be decoded, leading to decoder events and general policy bypass.

The issue is in DefragGetTrackerFromHash which does not respect the DefragTracker::remove field in all it's lookup paths.

Subtasks 2 (0 open — 2 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Security #7040

defrag: id reuse can lead to invalid reassembly

Updated by OISF Ticketbot about 1 year ago

Updated by OISF Ticketbot about 1 year ago

Updated by OISF Ticketbot about 1 year ago

Updated by OISF Ticketbot about 1 year ago

Updated by Victor Julien about 1 year ago

Updated by Victor Julien about 1 year ago

Updated by Victor Julien about 1 year ago

Updated by Victor Julien about 1 year ago

Updated by Victor Julien about 1 year ago

Updated by Victor Julien about 1 year ago

Updated by Juliana Fajardini Reichow 2 days ago