CVE-2024-45796: Off-by-one Error in Suricata

CWE-193: Off-by-one Error (4 documents, 4 sources)
Severity: 5.3 MEDIUM (NVD)
EPSS: 0.3% (top 45.57%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 16

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior. This issue has been addressed in 7.0.7.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 | Impact: 1.4

Affected Packages (3 packages)

CVEListV5: oisf/suricata < 7.0.7
NVD: oisf/suricata < 7.0.7
Debian: oisf/suricata < 1:6.0.1-3+deb11u1+2

🔴 Vulnerability Details (2)

OSV: CVE-2024-45796: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine (2024-10-16)
CVEList: Suricata defrag: off by one can lead to policy bypass (2024-10-16)

📋 Vendor Advisories (1)

Debian: CVE-2024-45796: suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System an... (2024)