Actions
Security #7450
closed
PA
VJ
tracking: signature can allocate arbitrary amount of memory
Security #7450:
tracking: signature can allocate arbitrary amount of memory
Added by Philippe Antoine over 1 year ago. Updated 9 months ago.
Affected Versions:
Label:
CVE:
Git IDs:
Severity:
HIGH
Disclosure Date:
12/09/2024
Description
cf usage of FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION in util-thash.c and detect-base64-decode.c
OT Updated by OISF Ticketbot over 1 year ago Actions #1
- Subtask #7451 added
OT Updated by OISF Ticketbot over 1 year ago Actions #2
- Label deleted (
Needs backport to 7.0)
PA Updated by Philippe Antoine over 1 year ago Actions #3
- Blocked by Task #7461: suricata-verify: pass all tests added
PA Updated by Philippe Antoine over 1 year ago Actions #4
- Blocked by deleted (Task #7461: suricata-verify: pass all tests)
PA Updated by Philippe Antoine over 1 year ago Actions #5
- Related to Task #7461: suricata-verify: pass all tests added
PA Updated by Philippe Antoine over 1 year ago Actions #6
- Related to Bug #7462: suricata-verify: pass when compiled with FUZZING_UNSAFE added
PA Updated by Philippe Antoine over 1 year ago Actions #7
- Status changed from New to In Review
Some POC in Gitlab to discuss on
VJ Updated by Victor Julien about 1 year ago Actions #8
- Subtask #7613 added
VJ Updated by Victor Julien about 1 year ago Actions #9
- Subtask #7615 added
VJ Updated by Victor Julien about 1 year ago Actions #10
Need to keep this private until all known vectors are fixed and part of a public release.
VJ Updated by Victor Julien about 1 year ago Actions #11
- Subject changed from signature can allocate arbitrary amount of memory to tracking: signature can allocate arbitrary amount of memory
- Status changed from In Review to In Progress
- Assignee changed from Philippe Antoine to Victor Julien
JI Updated by Jason Ish about 1 year ago Actions #12
- Severity changed from MODERATE to HIGH
PA Updated by Philippe Antoine about 1 year ago Actions #13
- Status changed from In Progress to Closed
Actions