CVE-2024-45796

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior.This issue has been addressed in 7.0.7.
Configurations

Configuration 1 (hide)

cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*

History

22 Oct 2024, 13:37

Type Values Removed Values Added
References () https://github.com/OISF/suricata/security/advisories/GHSA-mf6r-3xp2-v7xg - () https://github.com/OISF/suricata/security/advisories/GHSA-mf6r-3xp2-v7xg - Third Party Advisory
References () https://redmine.openinfosecfoundation.org/issues/7067 - () https://redmine.openinfosecfoundation.org/issues/7067 - Issue Tracking
First Time Oisf suricata
Oisf
CPE cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*

18 Oct 2024, 12:53

Type Values Removed Values Added
Summary
  • (es) Suricata es un sistema de detección de intrusiones, un sistema de prevención de intrusiones y un motor de monitoreo de seguridad de red. Antes de la versión 7.0.7, un error lógico durante el reensamblado de fragmentos podía provocar un reensamblado fallido para el tráfico válido. Un atacante podría crear paquetes para desencadenar este comportamiento. Este problema se ha solucionado en la versión 7.0.7.

16 Oct 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-16 19:15

Updated : 2024-10-22 13:37


NVD link : CVE-2024-45796

Mitre link : CVE-2024-45796

CVE.ORG link : CVE-2024-45796


JSON object : View

Products Affected

oisf

  • suricata
CWE
CWE-193

Off-by-one Error