{"id":"CVE-2017-7177","details":"Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.","modified":"2026-05-18T09:31:21.872129Z","published":"2017-03-18T20:59:00.173Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/97047"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"},{"type":"FIX","url":"https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8"},{"type":"FIX","url":"https://redmine.openinfosecfoundation.org/issues/2019"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/OISF/suricata","events":[{"introduced":"0"},{"last_affected":"7db3172479cce5b76c76bf5725c6f46b6078ce77"}],"database_specific":{"cpe":"cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"3.2"}],"source":"CPE_FIELD"}}],"versions":["suricata-3.2","suricata-3.2RC1","suricata-3.2beta1","suricata-3.1.2","suricata-3.1.1","suricata-3.1","suricata-3.0.1","suricata-3.1RC1","suricata-3.0.1RC1","suricata-3.0","suricata-3.0RC3","suricata-3.0RC2","suricata-3.0RC1","suricata-2.1beta4","suricata-2.1beta3","suricata-2.1beta2","suricata-2.1beta1","suricata-2.0.2","suricata-2.0.1","suricata-2.0.1rc1","suricata-2.0","suricata-2.0rc3","suricata-2.0rc2","suricata-2.0rc1","suricata-2.0beta2","suricata-2.0beta1","suricata-1.4","suricata-1.4rc1","suricata-1.4beta3","suricata-1.4beta2","suricata-1.4beta1","suricata-1.3.1","suricata-1.3","suricata-1.3rc1","suricata-1.3beta2","suricata-1.3beta1","suricata-1.2.1","suricata-1.2","suricata-1.2rc1","suricata-1.2beta1","suricata-1.1","suricata-1.1rc1","suricata-1.1beta3","suricata-1.1beta2","suricata-1.1beta1","suricata-1.0.2","suricata-1.0.1","suricata-1.0.0","suricata-0.8.2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7177.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/oisf/suricata","events":[{"introduced":"0"},{"fixed":"4a04f814b15762eb446a5ead4d69d021512df6f8"}],"database_specific":{"source":"REFERENCES"}}],"versions":["suricata-3.2","suricata-3.2RC1","suricata-3.2beta1","suricata-3.1.2","suricata-3.1.1","suricata-3.1","suricata-3.0.1","suricata-3.1RC1","suricata-3.0.1RC1","suricata-3.0","suricata-3.0RC3","suricata-3.0RC2","suricata-3.0RC1","suricata-2.1beta4","suricata-2.1beta3","suricata-2.1beta2","suricata-2.1beta1","suricata-2.0.2","suricata-2.0.1","suricata-2.0.1rc1","suricata-2.0","suricata-2.0rc3","suricata-2.0rc2","suricata-2.0rc1","suricata-2.0beta2","suricata-2.0beta1","suricata-1.4","suricata-1.4rc1","suricata-1.4beta3","suricata-1.4beta2","suricata-1.4beta1","suricata-1.3.1","suricata-1.3","suricata-1.3rc1","suricata-1.3beta2","suricata-1.3beta1","suricata-1.2.1","suricata-1.2","suricata-1.2rc1","suricata-1.2beta1","suricata-1.1","suricata-1.1rc1","suricata-1.1beta3","suricata-1.1beta2","suricata-1.1beta1","suricata-1.0.2","suricata-1.0.1","suricata-1.0.0","suricata-0.8.2"],"database_specific":{"vanir_signatures":[{"signature_type":"Function","digest":{"function_hash":"79916942618866972839484438901243345408","length":802},"target":{"function":"DefragVlanQinQTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-01489305","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"175555884426307745297771946362366508226","length":756},"target":{"function":"DefragTrackerReuseTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-0c2aae54","deprecated":false,"signature_version":"v1"},{"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["94642097487991195486086245431953979179","198311692224188654937390154792625013284","256306544840147279184007759777913797841","185359887398480989974920139321336421321","38169523257865215479068016130563195558","29365486624403151484811941219326570990","273843950816858899148502620372086569970","120265692309158442816102975320118826400"]},"target":{"file":"src/defrag-hash.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-263d0a09","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"235051773791554090929711174098370599041","length":1173},"target":{"function":"DefragInOrderSimpleTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-6a2a1ebf","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"3945244165187481061580278360853740486","length":635},"target":{"function":"DefragTrackerInit","file":"src/defrag-hash.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-77e873b8","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"75964094310844486240629596696393167318","length":843},"target":{"function":"DefragTimeoutTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-85bafbc0","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"135879260250653468123549976332514883276","length":1153},"target":{"function":"DefragReverseSimpleTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-9201d477","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"285201374833005953360304213692926382716","length":2161},"target":{"function":"IPV6DefragDoSturgesNovakTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-99a3f7b6","deprecated":false,"signature_version":"v1"},{"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["106859647665616583858349476223124433389","336357087348730951107446898040282391220","222952806072131130304829716520807030282"]},"target":{"file":"src/defrag.h"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-a0df91ee","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"265446580823091180640816509025283271434","length":536},"target":{"function":"DefragIPv4TooLargeTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-a48f9ec5","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"127840620779194896865524293129070239404","length":817},"target":{"function":"DefragMfIpv4Test","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-a4dd26b4","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"144177470953140630050717230750382416699","length":488},"target":{"function":"DefragIPv4NoDataTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-aed4a221","deprecated":false,"signature_version":"v1"},{"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["24419858828155271963222835358968672120","235119562206115019696111422590974357024","179575376164622712009153540323247288733","155513226184533865637943113308591324471","336303109816398602131471223874620340188","195514311440629609050345058264417492934","96405782024942707405897600296200045076","174146801439888233703544775337182457185","307253855163488951612241497935869992901","25058905332183260260200592059124194389","266413984644303745374511363350176947573","79281619181551299374827040142646606426","200062767824006094180743068230710724219","323908412509390183706929503972481275843","17176818926703406982357198018743461906","329633323413319345995580259625089009420","301458555122990518815650081268970356285","248675566054575905562853341693784967865","60018338943073231942716872260732536660","213516583834016376270406561965590485971","338756002610202327844437421867755061088","327738557330100453480158358968844871217","72867763476232675654525742761865537320","277089494799578975767993729475051914015","217537454821986849476518977832465031759","105647767832122817372462387359670610579","5055902718022877376639273003615850117","105468010231181815924883891321812473268","205778072481441043714039737144658270980","247831594258548167133948535978160541558","331385200101598266920089821066537826774","8774154444553272790638113182279406673","72867763476232675654525742761865537320","277089494799578975767993729475051914015","217537454821986849476518977832465031759","105647767832122817372462387359670610579","5055902718022877376639273003615850117","105468010231181815924883891321812473268","205778072481441043714039737144658270980","247831594258548167133948535978160541558","331385200101598266920089821066537826774","8848228565591837270922809132920394294","304713412793597526663486787424853433774","188677268140066124274319874868996626677","245543520725291107341030857008442524473","511043454994932116056045488918863002","48981427134457014574123062578020585314","287572328057456057340404664327910389398","212057923944193181058087286866669031250","189791588803436749364287684171037716144","332083860199373077847178981925348414181","107297816368463424206636848493870301015","165949355820974632463725444329546793039","50380157553729697407770601766567287352","79303007191100943211053773457687804409","511043454994932116056045488918863002","48981427134457014574123062578020585314","287572328057456057340404664327910389398","212057923944193181058087286866669031250","189791588803436749364287684171037716144","332083860199373077847178981925348414181","332853075622389025564521444503078205983","298010134436375454943470251229658976025","99489697704667341255443794537918393394","325108562619060780985000192150548406591","93781922146886509485376483315305305561","317192942330176989364061067612462539944","218298272235662704217017664457965922223","265701746131326441474928214806891439303","228530440013578845010777114015526420490","22392219426579211159200709669843862813","241254222243584701020532261442050704126","203103771722016150631448814687833745831","146392328759263059213793253748242401369","228549527176543296853010369569209213674","64343621139924939791103469547354194269","201301102127983487407993843575819506454","182755039252658338831335479882983633002","29626356074585121312365984353902972565","176223932322122894323007137607726899704","240614932979394611737116500076134212126","67238998191181541040008310982121198737","322345603636292749064635373976214364127","155389989832490846139740302090309363098","262462980742027872241802117704100902727","56040612070336272312480661901787981361","30968345412105680690754449482462617842","150703623183579351785324337535659470047","55788158909014576796494567854548198404","192992929997215114548603544927286296286","280174092354733461650754875513038989913","118434758139522471440166175183710402869","79677956985502776368323751331166579883","88173797559977938161859104607444457493","149337363723292674218513534672870339029","313677366039766884674731221567687020472","13141345210377544493191001790080914501","37541992738141545671791840288913136327","26905408272146610786387410619882223304","306882370977581878967827439981678290157","58631461717795138159354116102281079357","61683422894670267348964098083462780256","272776440045314954376526530956484270740","294873311890533794208817389043843074174","327002152086140394898170827786911226425","46706370896206226046071081138138406975","147081769411311856227725960000151716790","122691745020880805625418082760875847002","45385243043812018426653307354591328691","197511419350148419237145766559771803878","303040186415510510492225123925398047282","182125769173044437779125471959411760729","289991477688487899554709734026007272675","206466560725838606739864005225229105580","42040259210271124727493108556289498675","93430501245865437426294108419095423010","119421826071953724437785744813945752322","207792569317433440309643673339903182625","259447313852808037602066324268071428985","282386797142861209453463509225504776622","28139330477787135460811681727901923546","99894121261198853926568038370918787534","17399306807396583091874462593018425194","95207418692600233090412438230425283695","216146733499822612742227160392166450369","259447313852808037602066324268071428985","282386797142861209453463509225504776622","28139330477787135460811681727901923546","99894121261198853926568038370918787534","17399306807396583091874462593018425194","95207418692600233090412438230425283695","216146733499822612742227160392166450369","84321148981194192807031895553818337636","178024825842039720407025017704548864774","95767796470765300215617539470304252290","247354107293810244263863037487109363331","255222931597804201556520641767497829386","83040621766186769783321284180340508757","161950122515377857676108659203498235711","68291362153553729275250648383496168376","334106180747898236815109150505597987532","12452298471392631947450414273529334274","272832937019618894611246727644338823275","131181172187086602955664773084471440836","112455313776832400100088735100747527363","278568630838445398501930629217266167727","262544536778409735809532230064432595339","171536865350537580879971233459734790517","260560527627331564640246560983483912449","117045769607489842908676234730476222873","163618671830166997689109715005412427756","7462747907564253326958033176586542719","189472108190551543301836301189742504307","319549148931971239860022179889536457276"]},"target":{"file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-aeef5105","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"46311868021985329835833279882256571566","length":1764},"target":{"function":"DefragRegisterTests","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-c3256c0b","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"128886039885907476110152491060972291768","length":2121},"target":{"function":"DefragDoSturgesNovakTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-c3b4771c","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"276147190599012078690425006207589515151","length":817},"target":{"function":"DefragMfIpv6Test","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-d685c048","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"49224622921856134968240462334634536296","length":1112},"target":{"function":"IPV6DefragInOrderSimpleTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-ec8b6d97","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"223145896644634967897221343103769712636","length":1637},"target":{"function":"BuildTestPacket","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-f1a41c9f","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"326502938487101882625157243586485178225","length":748},"target":{"function":"DefragVlanTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-f3d46b33","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"65690764370165145014760501156221975789","length":1181},"target":{"function":"IPV6DefragReverseSimpleTest","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-f9b8aae5","deprecated":false,"signature_version":"v1"},{"signature_type":"Function","digest":{"function_hash":"92765926766417478633602909795861611449","length":1730},"target":{"function":"IPV6BuildTestPacket","file":"src/defrag.c"},"source":"https://github.com/oisf/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8","id":"CVE-2017-7177-fcf62773","deprecated":false,"signature_version":"v1"}],"vanir_signatures_modified":"2026-05-18T09:31:21Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7177.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}