An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-07-23T20:00:00

Updated: 2024-08-06T03:30:20.166Z

Reserved: 2018-07-23T00:00:00

Link: CVE-2016-10728

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2018-07-23T20:29:00.240

Modified: 2018-09-20T13:33:49.523

Link: CVE-2016-10728

cve-icon Redhat

No data.