Suricata
CVE-2024-55626
LOW
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Lifecycle Timeline
3DescriptionGitHub Advisory
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8.
AnalysisAI
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-680. Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8. Affected products include: Oisf Suricata. Version information: Prior to 7.0.8.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Functi
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suric
An issue was discovered in Suricata before 6.0.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploit
An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, n
An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, n
An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, n
An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, n
An issue was discovered in Suricata 4.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, n
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detect
Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. Rated high severity (CVSS 7.5), this vul
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might a
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. Ra
Same weakness CWE-680 – Integer Overflow to Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today