CVE-2016-10728

An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection.
Configurations

Configuration 1 (hide)

cpe:2.3:a:suricata-ids:suricata:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-07-23 20:29

Updated : 2024-02-04 20:03


NVD link : CVE-2016-10728

Mitre link : CVE-2016-10728

CVE.ORG link : CVE-2016-10728


JSON object : View

Products Affected

suricata-ids

  • suricata
CWE
CWE-20

Improper Input Validation