Project

General

Profile

Actions
Copy link

Security #7450

closed

tracking: signature can allocate arbitrary amount of memory

Added by Philippe Antoine 8 months ago. Updated 5 days ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
8.0.0-beta1
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
HIGH
Disclosure Date:
12/09/2024

Description

cf usage of FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION in util-thash.c and detect-base64-decode.c

Subtasks 5 (0 open5 closed)

Security #7451: tracking: signature can allocate arbitrary amount of memory (7.0.x backport)ClosedPhilippe AntoineActions
Security #7613: decode_base64: signature can do large memory allocationClosedPhilippe AntoineActions
Security #7614: decode_base64: signature can do large memory allocation (7.0.x backport)ClosedPhilippe AntoineActions
Security #7615: datasets: signature keyword setting can cause high memory usageClosedPhilippe AntoineActions
Security #7616: datasets: hashsize setting via rules can cause high memory usage (7.0.x backport)ClosedPhilippe AntoineActions

Related issues 2 (0 open2 closed)

Related to Suricata - Task #7461: suricata-verify: pass all testsClosedPhilippe AntoineActions
Related to Suricata - Bug #7462: suricata-verify: pass when compiled with FUZZING_UNSAFERejectedPhilippe AntoineActions
Actions
Copy link

Also available in: Atom PDF