CVE-2017-7177
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-7177
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7177.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-7177
- Downstream
- Published
- 2017-03-18T20:59:00Z
- Modified
- 2025-10-18T10:54:19.575171Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.
- References
Affected packages
Git / github.com/inliniac/suricata
Git / github.com/inliniac/suricata
Affected ranges
- Type
- GIT
- Repo
- https://github.com/oisf/suricata
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
suricata-0.*
suricata-0.8.2
suricata-1.*
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
suricata-1.2
suricata-1.2.1
suricata-1.2beta1
suricata-1.2rc1
suricata-1.3
suricata-1.3.1
suricata-1.3beta1
suricata-1.3beta2
suricata-1.3rc1
suricata-1.4
suricata-1.4beta1
suricata-1.4beta2
suricata-1.4beta3
suricata-1.4rc1
suricata-2.*
suricata-2.0
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0.2
suricata-2.0beta1
suricata-2.0beta2
suricata-2.0rc1
suricata-2.0rc2
suricata-2.0rc3
suricata-2.1beta1
suricata-2.1beta2
suricata-2.1beta3
suricata-2.1beta4
suricata-3.*
suricata-3.0
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0RC1
suricata-3.0RC2
suricata-3.0RC3
suricata-3.1
suricata-3.1.1
suricata-3.1.2
suricata-3.1RC1
suricata-3.2
suricata-3.2RC1
suricata-3.2beta1
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragVlanQinQTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "79916942618866972839484438901243345408",
"length": 802.0
},
"id": "CVE-2017-7177-01489305"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragTrackerReuseTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "175555884426307745297771946362366508226",
"length": 756.0
},
"id": "CVE-2017-7177-0c2aae54"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"file": "src/defrag-hash.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"94642097487991195486086245431953979179",
"198311692224188654937390154792625013284",
"256306544840147279184007759777913797841",
"185359887398480989974920139321336421321",
"38169523257865215479068016130563195558",
"29365486624403151484811941219326570990",
"273843950816858899148502620372086569970",
"120265692309158442816102975320118826400"
]
},
"id": "CVE-2017-7177-263d0a09"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragInOrderSimpleTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "235051773791554090929711174098370599041",
"length": 1173.0
},
"id": "CVE-2017-7177-6a2a1ebf"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragTrackerInit",
"file": "src/defrag-hash.c"
},
"digest": {
"function_hash": "3945244165187481061580278360853740486",
"length": 635.0
},
"id": "CVE-2017-7177-77e873b8"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragTimeoutTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "75964094310844486240629596696393167318",
"length": 843.0
},
"id": "CVE-2017-7177-85bafbc0"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragReverseSimpleTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "135879260250653468123549976332514883276",
"length": 1153.0
},
"id": "CVE-2017-7177-9201d477"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "IPV6DefragDoSturgesNovakTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "285201374833005953360304213692926382716",
"length": 2161.0
},
"id": "CVE-2017-7177-99a3f7b6"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"file": "src/defrag.h"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"106859647665616583858349476223124433389",
"336357087348730951107446898040282391220",
"222952806072131130304829716520807030282"
]
},
"id": "CVE-2017-7177-a0df91ee"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragIPv4TooLargeTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "265446580823091180640816509025283271434",
"length": 536.0
},
"id": "CVE-2017-7177-a48f9ec5"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragMfIpv4Test",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "127840620779194896865524293129070239404",
"length": 817.0
},
"id": "CVE-2017-7177-a4dd26b4"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragIPv4NoDataTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "144177470953140630050717230750382416699",
"length": 488.0
},
"id": "CVE-2017-7177-aed4a221"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"file": "src/defrag.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"24419858828155271963222835358968672120",
"235119562206115019696111422590974357024",
"179575376164622712009153540323247288733",
"155513226184533865637943113308591324471",
"336303109816398602131471223874620340188",
"195514311440629609050345058264417492934",
"96405782024942707405897600296200045076",
"174146801439888233703544775337182457185",
"307253855163488951612241497935869992901",
"25058905332183260260200592059124194389",
"266413984644303745374511363350176947573",
"79281619181551299374827040142646606426",
"200062767824006094180743068230710724219",
"323908412509390183706929503972481275843",
"17176818926703406982357198018743461906",
"329633323413319345995580259625089009420",
"301458555122990518815650081268970356285",
"248675566054575905562853341693784967865",
"60018338943073231942716872260732536660",
"213516583834016376270406561965590485971",
"338756002610202327844437421867755061088",
"327738557330100453480158358968844871217",
"72867763476232675654525742761865537320",
"277089494799578975767993729475051914015",
"217537454821986849476518977832465031759",
"105647767832122817372462387359670610579",
"5055902718022877376639273003615850117",
"105468010231181815924883891321812473268",
"205778072481441043714039737144658270980",
"247831594258548167133948535978160541558",
"331385200101598266920089821066537826774",
"8774154444553272790638113182279406673",
"72867763476232675654525742761865537320",
"277089494799578975767993729475051914015",
"217537454821986849476518977832465031759",
"105647767832122817372462387359670610579",
"5055902718022877376639273003615850117",
"105468010231181815924883891321812473268",
"205778072481441043714039737144658270980",
"247831594258548167133948535978160541558",
"331385200101598266920089821066537826774",
"8848228565591837270922809132920394294",
"304713412793597526663486787424853433774",
"188677268140066124274319874868996626677",
"245543520725291107341030857008442524473",
"511043454994932116056045488918863002",
"48981427134457014574123062578020585314",
"287572328057456057340404664327910389398",
"212057923944193181058087286866669031250",
"189791588803436749364287684171037716144",
"332083860199373077847178981925348414181",
"107297816368463424206636848493870301015",
"165949355820974632463725444329546793039",
"50380157553729697407770601766567287352",
"79303007191100943211053773457687804409",
"511043454994932116056045488918863002",
"48981427134457014574123062578020585314",
"287572328057456057340404664327910389398",
"212057923944193181058087286866669031250",
"189791588803436749364287684171037716144",
"332083860199373077847178981925348414181",
"332853075622389025564521444503078205983",
"298010134436375454943470251229658976025",
"99489697704667341255443794537918393394",
"325108562619060780985000192150548406591",
"93781922146886509485376483315305305561",
"317192942330176989364061067612462539944",
"218298272235662704217017664457965922223",
"265701746131326441474928214806891439303",
"228530440013578845010777114015526420490",
"22392219426579211159200709669843862813",
"241254222243584701020532261442050704126",
"203103771722016150631448814687833745831",
"146392328759263059213793253748242401369",
"228549527176543296853010369569209213674",
"64343621139924939791103469547354194269",
"201301102127983487407993843575819506454",
"182755039252658338831335479882983633002",
"29626356074585121312365984353902972565",
"176223932322122894323007137607726899704",
"240614932979394611737116500076134212126",
"67238998191181541040008310982121198737",
"322345603636292749064635373976214364127",
"155389989832490846139740302090309363098",
"262462980742027872241802117704100902727",
"56040612070336272312480661901787981361",
"30968345412105680690754449482462617842",
"150703623183579351785324337535659470047",
"55788158909014576796494567854548198404",
"192992929997215114548603544927286296286",
"280174092354733461650754875513038989913",
"118434758139522471440166175183710402869",
"79677956985502776368323751331166579883",
"88173797559977938161859104607444457493",
"149337363723292674218513534672870339029",
"313677366039766884674731221567687020472",
"13141345210377544493191001790080914501",
"37541992738141545671791840288913136327",
"26905408272146610786387410619882223304",
"306882370977581878967827439981678290157",
"58631461717795138159354116102281079357",
"61683422894670267348964098083462780256",
"272776440045314954376526530956484270740",
"294873311890533794208817389043843074174",
"327002152086140394898170827786911226425",
"46706370896206226046071081138138406975",
"147081769411311856227725960000151716790",
"122691745020880805625418082760875847002",
"45385243043812018426653307354591328691",
"197511419350148419237145766559771803878",
"303040186415510510492225123925398047282",
"182125769173044437779125471959411760729",
"289991477688487899554709734026007272675",
"206466560725838606739864005225229105580",
"42040259210271124727493108556289498675",
"93430501245865437426294108419095423010",
"119421826071953724437785744813945752322",
"207792569317433440309643673339903182625",
"259447313852808037602066324268071428985",
"282386797142861209453463509225504776622",
"28139330477787135460811681727901923546",
"99894121261198853926568038370918787534",
"17399306807396583091874462593018425194",
"95207418692600233090412438230425283695",
"216146733499822612742227160392166450369",
"259447313852808037602066324268071428985",
"282386797142861209453463509225504776622",
"28139330477787135460811681727901923546",
"99894121261198853926568038370918787534",
"17399306807396583091874462593018425194",
"95207418692600233090412438230425283695",
"216146733499822612742227160392166450369",
"84321148981194192807031895553818337636",
"178024825842039720407025017704548864774",
"95767796470765300215617539470304252290",
"247354107293810244263863037487109363331",
"255222931597804201556520641767497829386",
"83040621766186769783321284180340508757",
"161950122515377857676108659203498235711",
"68291362153553729275250648383496168376",
"334106180747898236815109150505597987532",
"12452298471392631947450414273529334274",
"272832937019618894611246727644338823275",
"131181172187086602955664773084471440836",
"112455313776832400100088735100747527363",
"278568630838445398501930629217266167727",
"262544536778409735809532230064432595339",
"171536865350537580879971233459734790517",
"260560527627331564640246560983483912449",
"117045769607489842908676234730476222873",
"163618671830166997689109715005412427756",
"7462747907564253326958033176586542719",
"189472108190551543301836301189742504307",
"319549148931971239860022179889536457276"
]
},
"id": "CVE-2017-7177-aeef5105"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragRegisterTests",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "46311868021985329835833279882256571566",
"length": 1764.0
},
"id": "CVE-2017-7177-c3256c0b"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragDoSturgesNovakTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "128886039885907476110152491060972291768",
"length": 2121.0
},
"id": "CVE-2017-7177-c3b4771c"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragMfIpv6Test",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "276147190599012078690425006207589515151",
"length": 817.0
},
"id": "CVE-2017-7177-d685c048"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "IPV6DefragInOrderSimpleTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "49224622921856134968240462334634536296",
"length": 1112.0
},
"id": "CVE-2017-7177-ec8b6d97"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "BuildTestPacket",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "223145896644634967897221343103769712636",
"length": 1637.0
},
"id": "CVE-2017-7177-f1a41c9f"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "DefragVlanTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "326502938487101882625157243586485178225",
"length": 748.0
},
"id": "CVE-2017-7177-f3d46b33"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "IPV6DefragReverseSimpleTest",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "65690764370165145014760501156221975789",
"length": 1181.0
},
"id": "CVE-2017-7177-f9b8aae5"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"signature_version": "v1",
"target": {
"function": "IPV6BuildTestPacket",
"file": "src/defrag.c"
},
"digest": {
"function_hash": "92765926766417478633602909795861611449",
"length": 1730.0
},
"id": "CVE-2017-7177-fcf62773"
}
]