CVE-2024-55626

LOW
2025-01-06 [email protected]
3.3
CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

3
Analysis Generated
Mar 28, 2026 - 18:02 vuln.today
Patch Released
Mar 28, 2026 - 18:02 nvd
Patch available
CVE Published
Jan 06, 2025 - 18:15 nvd
LOW 3.3

Tags

Buffer Overflow Suricata

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8.

Analysis

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Technical Context

This vulnerability is classified under CWE-680. Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8. Affected products include: Oisf Suricata. Version information: Prior to 7.0.8.

Affected Products

Oisf Suricata.

Remediation

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Priority Score

17
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +16
POC: 0

Share

CVE-2024-55626 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy