Actions
Security #7209
closedthash: random factor not used; possible abusive hash collisions
Git IDs:
26da953f6dad3793d29f27ce7ab6628a2db8f471
Severity:
CRITICAL
Disclosure Date:
Description
util-thash.c initializes a random factor, however, this is not used. I suspect the intention was to introduce some randomness.
Updated by Philippe Antoine 10 months ago
cf usage of StringHashDjb2 in ContainerUrlRangeHash, network traffic induced
Updated by Philippe Antoine 10 months ago
Updated by Victor Julien 8 months ago
- Target version changed from TBD to 8.0.0-beta1
Updated by Philippe Antoine 8 months ago
git grep 5381 shows a lot of redefinition of StringHashDjb2
Updated by Philippe Antoine 8 months ago
- Related to Optimization #3322: Use standard CRC32 for hash-like functions added
Updated by Victor Julien 8 months ago
- Tracker changed from Bug to Security
- Assignee changed from OISF Dev to Philippe Antoine
- Severity set to CRITICAL
Updated by Juliana Fajardini Reichow 8 months ago
- Related to Security #7289: http: missing hashtable random seed leads to potential DoS added
Updated by Juliana Fajardini Reichow 8 months ago
- CVE set to 2024-47187
Updated by Philippe Antoine 8 months ago
- Status changed from In Review to Closed
Actions