CVE-2021-37592
Published 2021-11-19
CVE-2021-37592: Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.
Priority P351 · critical · 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.55% (72.0th percentile)
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | suricata | < suricata 1:6.0.4-1 (bookworm) | suricata 1:6.0.4-1 (bookworm) |
| oisf | suricata | < 5.0.8 | 5.0.8 |
| oisf | suricata | >= 0 < 1:6.0.4-1 | 1:6.0.4-1 |
| oisf | suricata | >= 0 < 1:6.0.4-1 | 1:6.0.4-1 |
| oisf | suricata | >= 0 < 1:6.0.4-1 | 1:6.0.4-1 |
| oisf | suricata | >= 6.0.0 < 6.0.4 | 6.0.4 |
CVSS provenance
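| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | | 9.8 | CRITICAL | |
| vendor_debian | | 9.8 | CRITICAL | |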
GHSA
GHSA-hxgj-p44f-9x32: Suricata before 5
ghsa_unreviewed·2021-11-20
CVE-2021-37592 [CRITICAL] CWE-787 GHSA-hxgj-p44f-9x32: Suricata before 5
OSV
CVE-2021-37592: Suricata before 5
osv·2021-11-19·CVSS 9.8
CVE-2021-37592 [CRITICAL] CVE-2021-37592: Suricata before 5
Debian
CVE-2021-37592: suricata - Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with ...
vendor_debian·2021·CVSS 9.8
CVE-2021-37592 [CRITICAL] CVE-2021-37592: suricata - Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with ...
Scope: local
bookworm: resolved (fixed in 1:6.0.4-1)
bullseye: open
forky: resolved (fixed in 1:6.0.4-1)
sid: resolved (fixed in 1:6.0.4-1)
trixie: resolved (fixed in 1:6.0.4-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://forum.suricata.io/t/suricata-6-0-4-and-5-0-8-released/1942
https://github.com/OISF/suricata/releases
https://redmine.openinfosecfoundation.org/issues/4569
Published: 2021-11-19