CVE-2024-55628Asymmetric Resource Consumption (Amplification) in Suricata

CWE-405Asymmetric Resource Consumption (Amplification)CWE-779Logging of Excessive Data4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 32.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oisf Suricata
Timeline
PublishedJan 6

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

CVEListV5oisf/suricata< 7.0.8
NVDoisf/suricata< 7.0.8
Debianoisf/suricata< 1:7.0.8-1+1

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

2
CVEList
Suricata oversized resource names utilizing DNS name compression can lead to resource starvation2025-01-06
OSV
CVE-2024-55628: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine2025-01-06

📋Vendor Advisories

1
Debian
CVE-2024-55628: suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System an...2024
CVE-2024-55628 — Oisf Suricata vulnerability | cvebase