CVE-2024-37151
Suricata defrag: IP ID reuse can lead to policy bypass
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.
Suricata es un sistema de detección de intrusiones en la red, un sistema de prevención de intrusiones y un motor de monitoreo de seguridad de la red. El mal manejo de varios paquetes fragmentados que utilizan el mismo valor de ID de IP puede provocar un error en el reensamblaje del paquete, lo que puede provocar una omisión de políticas. Actualice a 7.0.6 o 6.0.20. Cuando utilice af-packet, habilite `defrag` para reducir el alcance del problema.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-06-03 CVE Reserved
- 2024-06-27 CVE Published
- 2024-07-13 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-754: Improper Check for Unusual or Exceptional Conditions
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://redmine.openinfosecfoundation.org/issues/7041 | Issue Tracking | |
| https://redmine.openinfosecfoundation.org/issues/7042 | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0 | 2024-07-12 | |
| https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b | 2024-07-12 |
| URL | Date | SRC |
|---|---|---|
| https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24 | 2024-07-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Oisf Search vendor "Oisf" | Suricata Search vendor "Oisf" for product "Suricata" | >= 6.0.0 < 6.0.20 Search vendor "Oisf" for product "Suricata" and version " >= 6.0.0 < 6.0.20" | - |
Affected
| ||||||
| Oisf Search vendor "Oisf" | Suricata Search vendor "Oisf" for product "Suricata" | >= 7.0.0 < 7.0.6 Search vendor "Oisf" for product "Suricata" and version " >= 7.0.0 < 7.0.6" | - |
Affected
| ||||||