Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly.depth to reduce the issue.
References
Link | Resource |
---|---|
https://github.com/OISF/suricata/commit/a753cdbe84caee3b66d0bf49b2712d29a50d67ae | Patch |
https://github.com/OISF/suricata/security/advisories/GHSA-59qg-h357-69fq | Vendor Advisory |
https://redmine.openinfosecfoundation.org/issues/6987 | Issue Tracking |
https://redmine.openinfosecfoundation.org/issues/6988 | Issue Tracking |
Configurations
History
12 Jul 2024, 18:46
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oisf suricata
Oisf |
|
References | () https://github.com/OISF/suricata/commit/a753cdbe84caee3b66d0bf49b2712d29a50d67ae - Patch | |
References | () https://github.com/OISF/suricata/security/advisories/GHSA-59qg-h357-69fq - Vendor Advisory | |
References | () https://redmine.openinfosecfoundation.org/issues/6987 - Issue Tracking | |
References | () https://redmine.openinfosecfoundation.org/issues/6988 - Issue Tracking | |
CPE | cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:* | |
Summary |
|
11 Jul 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-11 15:15
Updated : 2024-07-12 18:46
NVD link : CVE-2024-38534
Mitre link : CVE-2024-38534
CVE.ORG link : CVE-2024-38534
JSON object : View
Products Affected
oisf
- suricata
CWE
CWE-770
Allocation of Resources Without Limits or Throttling