Security #7613: decode_base64: signature can do large memory allocation - Suricata - Open Information Security Foundation

Actions

Copy link

Security #7613

closed

Security #7450: tracking: signature can allocate arbitrary amount of memory

decode_base64: signature can do large memory allocation

Added by Victor Julien 4 months ago. Updated 8 days ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

8.0.0-beta1

Affected Versions:

Label:

CVE:

2025-29917

Git IDs:

Severity:

HIGH

Disclosure Date:

Description

decode_base64 setting case cause large per thread allocation.

This can lead to resource starvation on systems with lower memory. Also, could lead to rule reload failures.

Subtasks 1 (0 open — 1 closed)

Actions

Copy link

Updated by OISF Ticketbot 4 months ago

Subtask #7614 added

Actions

Copy link

Updated by OISF Ticketbot 4 months ago

Label deleted (~~Needs backport to 7.0~~)

Actions

Copy link

Updated by Juliana Fajardini Reichow 4 months ago

CVE set to 2025-29917

Security Advisory: https://github.com/OISF/suricata/security/advisories/GHSA-x8c9-8553-j9px

Actions

Copy link

Updated by Philippe Antoine 4 months ago

Status changed from In Review to Resolved

32d0bd2bbb4d486623dec85a94952fde2515f2f0

Actions

Copy link

Updated by Philippe Antoine 4 months ago

Status changed from Resolved to Closed

Actions

Copy link

Updated by Jason Ish 8 days ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Security #7613

decode_base64: signature can do large memory allocation

Updated by OISF Ticketbot 4 months ago

Updated by OISF Ticketbot 4 months ago

Updated by Juliana Fajardini Reichow 4 months ago

Updated by Philippe Antoine 4 months ago

Updated by Philippe Antoine 4 months ago

Updated by Jason Ish 8 days ago