Project

General

Profile

Actions

Security #7209

closed

thash: random factor not used; possible abusive hash collisions

Added by Jason Ish 4 months ago. Updated 2 months ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Label:
Git IDs:

26da953f6dad3793d29f27ce7ab6628a2db8f471

Severity:
CRITICAL
Disclosure Date:

Description

util-thash.c initializes a random factor, however, this is not used. I suspect the intention was to introduce some randomness.


Subtasks 1 (0 open1 closed)

Security #7258: thash: random factor not used; possible abusive hash collisions (7.0.x backport)ClosedPhilippe AntoineActions

Related issues 2 (1 open1 closed)

Related to Suricata - Optimization #3322: Use standard CRC32 for hash-like functionsNewCommunity TicketActions
Related to Suricata - Security #7289: http: missing hashtable random seed leads to potential DoSClosedPhilippe AntoineActions
Actions

Also available in: Atom PDF