Actions
Security #7209
closedthash: random factor not used; possible abusive hash collisions
Git IDs:
26da953f6dad3793d29f27ce7ab6628a2db8f471
Severity:
CRITICAL
Disclosure Date:
Description
util-thash.c initializes a random factor, however, this is not used. I suspect the intention was to introduce some randomness.
Updated by Philippe Antoine 4 months ago
cf usage of StringHashDjb2 in ContainerUrlRangeHash, network traffic induced
Updated by Philippe Antoine 4 months ago
Updated by Victor Julien 3 months ago
- Target version changed from TBD to 8.0.0-beta1
Updated by Philippe Antoine 3 months ago
git grep 5381 shows a lot of redefinition of StringHashDjb2
Updated by Philippe Antoine 3 months ago
- Related to Optimization #3322: Use standard CRC32 for hash-like functions added
Updated by Victor Julien 3 months ago
- Tracker changed from Bug to Security
- Assignee changed from OISF Dev to Philippe Antoine
- Severity set to CRITICAL
Updated by Juliana Fajardini Reichow 3 months ago
- Related to Security #7289: http: missing hashtable random seed leads to potential DoS added
Updated by Juliana Fajardini Reichow 3 months ago
- CVE set to 2024-47187
Updated by Philippe Antoine 3 months ago
- Status changed from In Review to Closed
Actions