#856649 suricata: CVE-2017-7177: IPv4 defrag evasion issue

Package:
src:suricata
Source:
suricata
Submitter:
Salvatore Bonaccorso
Date:
2023-04-11 04:57:05 UTC
Severity:
important
Tags:
#856649#5
Date:
2017-03-03 09:45:32 UTC
From:
To:
Details:

https://redmine.openinfosecfoundation.org/issues/2019
Fixed by:
https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8
(3.2.1)

No CVE assigned yet. Can you please update the bug once known.

Regards,
Salvatore

#856649#12
Date:
2017-03-15 07:36:26 UTC
From:
To:
Hi,

Any update with getting a CVE on this? :)


Regards,

#856649#17
Date:
2017-03-15 09:21:24 UTC
From:
To:
Hello Chris,

No, unfortunately we haven't heard back yet.

Regards,
Salvatore

#856649#22
Date:
2017-03-19 19:22:13 UTC
From:
To:
Control: retitle -1 suricata: CVE-2017-7177: IPv4 defrag evasion issue

It's CVE-2017-7177. I have updated the security-tracker.

Regards,
Salvatore

#856649#29
Date:
2017-03-20 13:29:53 UTC
From:
To:
Yes, thanks Salvatore. All seems right.

The upload with the fix is in unstable, on its way to stretch.

I would like to ask: what are your plans regarding wheezy?

#856649#34
Date:
2017-03-20 16:36:39 UTC
From:
To:
Hi Arturo,

Just jumping in here as I just had a look at backporting this patch. I
think there might be some issues with the upstream patch anyway, eg.:

https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8#commitcomment-21401303

Apart from that, how about:

#856649#39
Date:
2023-04-09 11:16:34 UTC
From:
To:
Hi,

(re: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856649)

Can we just close this bug? This has been addressed for years, and I am
not sure we need to keep these open forever.

Thanks and best regards
Sascha

#856649#44
Date:
2023-04-10 13:09:45 UTC
From:
To:
Hi,

Can you pin point the upstream version where this was fixed?

Regards,
Salvatore

#856649#49
Date:
2023-04-10 21:11:12 UTC
From:
To:
Hi Salvatore,
It's upstream version 3.2.1, which is confirmed by the tags listed in
the commit on GitHub and the target version of the fix in upstream's
Redmine. That version was uploaded to unstable later in March 2017 [2].

Just FYI: we're at 6.0.10 now.

Best regards
Sascha

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856649#5
[2]
https://tracker.debian.org/news/841144/accepted-suricata-321-1-source-into-unstable/

#856649#54
Date:
2023-04-11 04:55:07 UTC
From:
To:
Hi Sascha,

Wow that is embarrassing :-(. Yes let's close this bug. Metadata was
already tracking it correctly, but there is no point in keeping the
bug open.

Thanks for prodding again.

Regards,
Salvatore
