CVE-2024-23836
crafted traffic can cause denial of service
In short
An attacker can send specially crafted network traffic that forces Suricata (a security monitoring tool) to use excessive CPU and memory, causing it to slow down or stop working entirely.
Technical detail
Suricata versions before 6.0.16 and 7.0.3 are vulnerable to a denial-of-service attack via crafted traffic that triggers inefficient resource consumption in protocol parsing and stream reassembly; exploitation requires only the ability to send network traffic to the monitored interface, resulting in system unavailability or severe performance degradation.
Summary generated and translated by AI from the official description.
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extreme slow downs and denial of service. This vulnerability is patched in 6.0.16 or 7.0.3. Workarounds include disabling the affected protocol app-layer parser in the yaml and reducing the `stream.reassembly.depth` value helps reduce the severity of the issue.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
OISF · suricataWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bchttps://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608afhttps://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpchttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/