CVE-2024-23836 — Allocation of Resources Without Limits or Throttling in Suricata

CWE-770 — Allocation of Resources Without Limits or Throttling4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.8%

top 25.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oisf Suricata Fedoraproject Fedora

Timeline

PublishedFeb 26

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extreme slow downs and denial of service. This vulnerability is patched in 6.0.16 or 7.0.3. Workarounds include disabling the affected protocol app-layer parser in the yaml and reducing the `stream.reassembly.…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5oisf/suricata< 6.0.16+1

▶NVDoisf/suricata7.0.0 — 7.0.3+1

▶Debianoisf/suricata< 1:7.0.3-1+1

Also affects: Fedora 38, 39

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

crafted traffic can cause denial of service↗2024-02-26

▶

OSV

CVE-2024-23836: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine↗2024-02-26

▶

📋Vendor Advisories

Debian

CVE-2024-23836: suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System an...↗2024

▶