Security #7613: decode_base64: signature can do large memory allocation - Suricata - Open Information Security Foundation

Actions

Copy link

Security #7613

closed

Security #7450: tracking: signature can allocate arbitrary amount of memory

decode_base64: signature can do large memory allocation

Added by Victor Julien 10 months ago. Updated 6 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Philippe Antoine

Target version:

8.0.0-beta1

Affected Versions:

Label:

CVE:

2025-29917

Git IDs:

Severity:

HIGH

Disclosure Date:

Description

decode_base64 setting case cause large per thread allocation.

This can lead to resource starvation on systems with lower memory. Also, could lead to rule reload failures.

Subtasks 1 (0 open — 1 closed)

Actions

Copy link

Updated by OISF Ticketbot 10 months ago

Subtask #7614 added

Actions

Copy link

Updated by OISF Ticketbot 10 months ago

Label deleted (~~Needs backport to 7.0~~)

Actions

Copy link

Updated by Juliana Fajardini Reichow 10 months ago

CVE set to 2025-29917

Security Advisory: https://github.com/OISF/suricata/security/advisories/GHSA-x8c9-8553-j9px

Actions

Copy link

Updated by Philippe Antoine 10 months ago

Status changed from In Review to Resolved

32d0bd2bbb4d486623dec85a94952fde2515f2f0

Actions

Copy link

Updated by Philippe Antoine 10 months ago

Status changed from Resolved to Closed

Actions

Copy link

Updated by Jason Ish 6 months ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Security #7613

decode_base64: signature can do large memory allocation

Updated by OISF Ticketbot 10 months ago

Updated by OISF Ticketbot 10 months ago

Updated by Juliana Fajardini Reichow 10 months ago

Updated by Philippe Antoine 10 months ago

Updated by Philippe Antoine 10 months ago

Updated by Jason Ish 6 months ago