CVE-2024-55628
Summary
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
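An added example, not Suricata's code: a Python DNS name decoder that bounds both the decoded name length and the number of compression pointers it follows, run against a constructed message of chained names. The 255-octet cap is the RFC 1035 name limit and the 16-pointer cap is an assumption of this example; neither value is taken from the Suricata patch, and `decode_name` and `chained_names` are hypothetical helper names.

```python
MAX_NAME_LEN = 255      # RFC 1035 wire-length cap; assumed here, not Suricata's chosen limit
MAX_POINTER_JUMPS = 16  # constructed value for this example

class NameLimitExceeded(ValueError):
    """Decoding stopped because a limit was hit."""

def decode_name(msg, offset, max_len=MAX_NAME_LEN, max_jumps=MAX_POINTER_JUMPS):
    """Decode the name at `offset`; return (text, offset after the name in place)."""
    labels, wire_len, jumps, resume, pos = [], 0, 0, None, offset
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        length = msg[pos]
        if length == 0:                        # root label ends the name
            return ".".join(labels), (pos + 1 if resume is None else resume)
        if length & 0xC0 == 0xC0:              # compression pointer
            if pos + 1 >= len(msg):
                raise ValueError("truncated pointer")
            if resume is None:
                resume = pos + 2               # parsing continues after the first pointer
            jumps += 1
            if jumps > max_jumps:              # also stops pointer loops
                raise NameLimitExceeded("too many compression pointers")
            pos = ((length & 0x3F) << 8) | msg[pos + 1]
            continue
        if length & 0xC0:
            raise ValueError("reserved label type")
        if pos + 1 + length > len(msg):
            raise ValueError("truncated label")
        wire_len += 1 + length
        if wire_len + 1 > max_len:             # +1 for the terminating root label
            raise NameLimitExceeded("decoded name exceeds %d octets" % max_len)
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length

def chained_names(count, label=b"a" * 63):
    """Constructed test input: name i is one label plus a pointer to name i-1."""
    msg, offsets = bytearray(12), []           # 12 zero bytes stand in for the header
    for i in range(count):
        offsets.append(len(msg))
        msg += bytes([len(label)]) + label
        msg += b"\x00" if i == 0 else bytes([0xC0 | (offsets[-2] >> 8), offsets[-2] & 0xFF])
    return bytes(msg), offsets

if __name__ == "__main__":
    msg, offsets = chained_names(6)
    for off in offsets:
        try:
            print(off, "ok, decoded length", len(decode_name(msg, off)[0]))
        except NameLimitExceeded as exc:
            print(off, "rejected:", exc)
```

Each name in the constructed message costs 66 bytes on the wire but decodes to one more label than the previous one, so the decoded and logged size grows much faster than the message unless the decoder enforces a cap.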
Impact & exploitability
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Recommendation
Apply the vendor fix promptly: the issue is addressed in Suricata 7.0.8.
Official patch: https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951
Additional information
- NVD record
- https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951 (Patch)
- https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d (Patch)
- https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d (Patch)
- https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j (Advisory)
- https://redmine.openinfosecfoundation.org/issues/7280