Open Information Security Foundation

01/16/2026

02:17 PM Suricata Bug #8232 (New): Underflow in DefragInsertFrag in defrag.c

During fuzzing, an underflow was discovered in ip defragmentation algorithm for the first fragment.... Sergey Zhidkih

01/15/2026

03:34 PM Suricata Bug #8184 (In Review): Loop counters underflows across codebase

Sergey Zhidkih

01/05/2026

03:46 PM Suricata Bug #8184: Loop counters underflows across codebase

Victor Julien wrote in #note-1:
> Hi Sergey, you mention that "So I fixed all of them". Where did you fix this?
I... Sergey Zhidkih

12/29/2025

12:28 PM Suricata Bug #8184 (In Review): Loop counters underflows across codebase

During the fuzzing of sigpcap for 7.10.0, multiple occurrences of loop counter underflow were detected.
After inve... Sergey Zhidkih

12/01/2025

02:01 PM Suricata Bug #8146: utils-spm-hs: missing deallocators on hs_compile failure

May I claim this issue and get developer role? Sergey Zhidkih

01:38 PM Suricata Bug #8146 (Resolved): utils-spm-hs: missing deallocators on hs_compile failure

During fuzzing siginit discovered two minor memory leaks in HSBuildDatabase which is caused by missing deallocators w... Sergey Zhidkih

11/27/2025

02:58 PM Suricata Security #8143: Misalligned access to ip header data.

Victor Julien wrote in #note-2:
> All platforms we care about support unaligned access. There may be a small perf pe... Sergey Zhidkih

09:49 AM Suricata Security #8143 (Feedback): Misalligned access to ip header data.

During fuzz session with enabled undefined sanitizer, fuzz_sigpcap discovered misaligned access to ip header data.
... Sergey Zhidkih

09/30/2025

07:02 PM Suricata Security #7966 (Assigned): Relevance of QA UBSan article

I fuzz suricata 7.0.10 and recently I decided to enable some of undefined behavior sanitizers which led to a bunch of... Sergey Zhidkih