Bug #2118: defrag - overlap issue in linux policy - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #2118

closed

defrag - overlap issue in linux policy

Added by Jason Ish over 7 years ago. Updated over 7 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Jason Ish

Target version:

4.0beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

When two fragment overlap one another, suricata seems to privilege data from the fragment with the lower offset, when the linux convention seems to keep the first (in time) data received.

This appears to be an edge case not handled by the existing unit tests.

Reported by Jérémy Beaume.

History
Notes
Property changes

Actions

Copy link

Updated by Jason Ish over 7 years ago

Issue has been fixed in git master:
https://github.com/inliniac/suricata/pull/2648

Actions

Copy link

Updated by Jason Ish over 7 years ago

Status changed from Assigned to Closed

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #2118

defrag - overlap issue in linux policy

Updated by Jason Ish over 7 years ago

Updated by Jason Ish over 7 years ago