Project

General

Profile

Actions
Copy link

Security #7861

closed

detect: Dynamic-stack-buffer-overflow in ShortenString

Added by Philippe Antoine about 1 month ago. Updated 1 day ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
8.0.1
Affected Versions:
Label:
CVE:
2025-59149
Git IDs:
Severity:
HIGH
Disclosure Date:
11/03/2025

Description

Found by oss-fuzz:
https://issues.oss-fuzz.com/u/1/issues/436119686

Not affecting 7 because there is no 29-char keyword like ldap.responsEs.attribute_type in 8

Cause of overflow is ShortenString not handling a buffer of size 0
But bigger question is why DetectBufferMpmRegistry has 2 fields name and pname ?

Actions
Copy link
 #1

Updated by Philippe Antoine about 1 month ago

  • Status changed from New to In Review

Gitlab MR

Actions
Copy link
 #2

Updated by Jason Ish 22 days ago

  • Severity changed from MODERATE to HIGH
Actions
Copy link
 #3

Updated by Victor Julien 17 days ago

  • Status changed from In Review to Closed
Actions
Copy link
 #4

Updated by Victor Julien 16 days ago

  • CVE set to 2025-59149
Actions
Copy link
 #5

Updated by Victor Julien 1 day ago

  • Private changed from Yes to No
Actions
Copy link

Also available in: Atom PDF