vulnerability

Ubuntu: (CVE-2016-10728): suricata vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Jul 23, 2018	Jun 26, 2025	Jun 26, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Jul 23, 2018

Added

Jun 26, 2025

Modified

Jun 26, 2025

Description

An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection.

Solution

no-fix-ubuntu-package

References

CVE-2016-10728
https://attackerkb.com/topics/CVE-2016-10728
URL-https://github.com/kirillwow/ids_bypass
URL-https://redmine.openinfosecfoundation.org/issues/1880
URL-https://suricata-ids.org/2016/09/07/suricata-3-1-2-released/
URL-https://www.cve.org/CVERecord?id=CVE-2016-10728

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today