CVE-2017-15377 — Suricata vulnerability

5 documents5 sources

Severity

7.5HIGHNVD

EPSS

0.5%

top 32.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oisf Suricata Openinfosecfoundation Suricata

Timeline

PublishedOct 23

Latest updateMay 13

Description

In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDopeninfosecfoundation/suricata3.2.4

▶Debianoisf/suricata< 1:4.0.0-1+3

🔴Vulnerability Details

GHSA

GHSA-4p84-v7gc-359m: In Suricata before 4↗2022-05-13

▶

OSV

CVE-2017-15377: In Suricata before 4↗2017-10-23

▶

CVEList

CVE-2017-15377: In Suricata before 4↗2017-10-23

▶

📋Vendor Advisories

Debian

CVE-2017-15377: suricata - In Suricata before 4.x, it was possible to trigger lots of redundant checks on t...↗2017

▶