CVE-2024-32663
Suricata 's http2 parser contains an improper compressed header handling can lead to resource starvation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19. Workarounds include disabling the HTTP/2 parser and reducing `app-layer.protocols.http2.max-table-size` value (default is 65536).
Suricata es un sistema de detección de intrusiones en la red, un sistema de prevención de intrusiones y un motor de monitoreo de seguridad de la red. Antes de 7.0.5 y 6.0.19, una pequeña cantidad de tráfico HTTP/2 puede hacer que Suricata utilice una gran cantidad de memoria. El problema se solucionó en Suricata 7.0.5 y 6.0.19. Los workarounds incluyen deshabilitar el analizador HTTP/2 y reducir el valor `app-layer.protocols.http2.max-table-size` (el valor predeterminado es 65536).
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-04-16 CVE Reserved
- 2024-04-23 CVE Published
- 2024-05-08 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64 | X_refsource_misc | |
| https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd | X_refsource_misc | |
| https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019 | X_refsource_misc | |
| https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5 | X_refsource_misc | |
| https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r | X_refsource_confirm | |
| https://redmine.openinfosecfoundation.org/issues/6892 | X_refsource_misc | |
| https://redmine.openinfosecfoundation.org/issues/6900 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| OISF Search vendor "OISF" | Suricata Search vendor "OISF" for product "Suricata" | >= 7.0.0 <= 7.0.4 Search vendor "OISF" for product "Suricata" and version " >= 7.0.0 <= 7.0.4" | en |
Affected
| ||||||
| OISF Search vendor "OISF" | Suricata Search vendor "OISF" for product "Suricata" | >= 6.0.0 <= 6.0.18 Search vendor "OISF" for product "Suricata" and version " >= 6.0.0 <= 6.0.18" | en |
Affected
| ||||||