Project

General

Profile

Actions
Copy link

Security #7450

closed

tracking: signature can allocate arbitrary amount of memory

Added by Philippe Antoine about 1 year ago. Updated 6 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
8.0.0-beta1
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
HIGH
Disclosure Date:
12/09/2024

Description

cf usage of FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION in util-thash.c and detect-base64-decode.c

Subtasks 5 (0 open5 closed)

Security #7451: tracking: signature can allocate arbitrary amount of memory (7.0.x backport)ClosedPhilippe AntoineActions
Security #7613: decode_base64: signature can do large memory allocationClosedPhilippe AntoineActions
Security #7614: decode_base64: signature can do large memory allocation (7.0.x backport)ClosedPhilippe AntoineActions
Security #7615: datasets: signature keyword setting can cause high memory usageClosedPhilippe AntoineActions
Security #7616: datasets: hashsize setting via rules can cause high memory usage (7.0.x backport)ClosedPhilippe AntoineActions

Related issues 2 (0 open2 closed)

Related to Suricata - Task #7461: suricata-verify: pass all testsClosedPhilippe AntoineActions
Related to Suricata - Bug #7462: suricata-verify: pass when compiled with FUZZING_UNSAFERejectedPhilippe AntoineActions
Actions
Copy link
 #1

Updated by OISF Ticketbot about 1 year ago

  • Subtask #7451 added
Actions
Copy link
 #2

Updated by OISF Ticketbot about 1 year ago

  • Label deleted (Needs backport to 7.0)
Actions
Copy link
 #3

Updated by Philippe Antoine about 1 year ago

  • Blocked by Task #7461: suricata-verify: pass all tests added
Actions
Copy link
 #4

Updated by Philippe Antoine about 1 year ago

  • Blocked by deleted (Task #7461: suricata-verify: pass all tests)
Actions
Copy link
 #5

Updated by Philippe Antoine about 1 year ago

  • Related to Task #7461: suricata-verify: pass all tests added
Actions
Copy link
 #6

Updated by Philippe Antoine about 1 year ago

  • Related to Bug #7462: suricata-verify: pass when compiled with FUZZING_UNSAFE added
Actions
Copy link
 #7

Updated by Philippe Antoine about 1 year ago

  • Status changed from New to In Review

Some POC in Gitlab to discuss on

Actions
Copy link
 #8

Updated by Victor Julien 10 months ago

  • Subtask #7613 added
Actions
Copy link
 #9

Updated by Victor Julien 10 months ago

  • Subtask #7615 added
Actions
Copy link
 #10

Updated by Victor Julien 10 months ago

Need to keep this private until all known vectors are fixed and part of a public release.

Actions
Copy link
 #11

Updated by Victor Julien 10 months ago

  • Subject changed from signature can allocate arbitrary amount of memory to tracking: signature can allocate arbitrary amount of memory
  • Status changed from In Review to In Progress
  • Assignee changed from Philippe Antoine to Victor Julien
Actions
Copy link
 #12

Updated by Jason Ish 10 months ago

  • Severity changed from MODERATE to HIGH
Actions
Copy link
 #13

Updated by Philippe Antoine 10 months ago

  • Status changed from In Progress to Closed
Actions
Copy link
 #14

Updated by Jason Ish 6 months ago

  • Private changed from Yes to No
Actions
Copy link

Also available in: Atom PDF