Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.
References
Link | Resource |
---|---|
https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7 | Patch |
https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2 | Patch |
https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563 | Vendor Advisory |
https://redmine.openinfosecfoundation.org/issues/7104 | Permissions Required |
https://redmine.openinfosecfoundation.org/issues/7105 | Issue Tracking |
https://redmine.openinfosecfoundation.org/issues/7112 | Issue Tracking |
Configurations
Configuration 1 (hide)
|
History
12 Jul 2024, 18:46
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oisf suricata
Oisf |
|
CPE | cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:* | |
Summary |
|
|
References | () https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7 - Patch | |
References | () https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2 - Patch | |
References | () https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563 - Vendor Advisory | |
References | () https://redmine.openinfosecfoundation.org/issues/7104 - Permissions Required | |
References | () https://redmine.openinfosecfoundation.org/issues/7105 - Issue Tracking | |
References | () https://redmine.openinfosecfoundation.org/issues/7112 - Issue Tracking |
11 Jul 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-11 15:15
Updated : 2024-07-12 18:46
NVD link : CVE-2024-38535
Mitre link : CVE-2024-38535
CVE.ORG link : CVE-2024-38535
JSON object : View
Products Affected
oisf
- suricata
CWE
CWE-770
Allocation of Resources Without Limits or Throttling