Project

General

Profile

Actions

Bug #3942

closed

Multi-byte Heap buffer over-read in ssl parser

Added by Jeff Lucovsky over 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24534

Problem is reuse of session_id_length in different contexts : SSLv2 and TLSv1.3


Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3853: Multi-byte Heap buffer over-read in ssl parserClosedPhilippe AntoineActions
Actions #1

Updated by Jeff Lucovsky over 4 years ago

  • Copied from Bug #3853: Multi-byte Heap buffer over-read in ssl parser added
Actions #2

Updated by Jeff Lucovsky about 4 years ago

  • Status changed from Assigned to In Review
Actions #3

Updated by Victor Julien about 4 years ago

  • Status changed from In Review to Closed
Actions #4

Updated by Jeff Lucovsky about 4 years ago

  • Private changed from Yes to No
Actions

Also available in: Atom PDF