Project

General

Profile

Actions
Copy link

Security #7615

closed

Security #7450: tracking: signature can allocate arbitrary amount of memory

datasets: signature keyword setting can cause high memory usage

Added by Victor Julien 5 months ago. Updated 11 days ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
8.0.0-beta1
Affected Versions:
Label:
CVE:
2025-29916
Git IDs:
Severity:
MODERATE
Disclosure Date:

Description

When the dataset is defined in the rule it can specify a large hash size leading to a large memory allocation.

Subtasks 1 (0 open1 closed)

Security #7616: datasets: hashsize setting via rules can cause high memory usage (7.0.x backport)ClosedPhilippe AntoineActions
Actions
Copy link
 #1

Updated by Victor Julien 5 months ago

  • Label Needs backport to 7.0 added
Actions
Copy link
 #2

Updated by OISF Ticketbot 5 months ago

  • Subtask #7616 added
Actions
Copy link
 #3

Updated by OISF Ticketbot 5 months ago

  • Label deleted (Needs backport to 7.0)
Actions
Copy link
 #5

Updated by Philippe Antoine 4 months ago

  • Status changed from In Progress to Closed

a7713db709b8a0be5fc5e5809ab58e9b14a16e85

Actions
Copy link
 #6

Updated by Jason Ish 11 days ago

  • Private changed from Yes to No
Actions
Copy link

Also available in: Atom PDF