CVE-2024-55627
Suricata segfault on StreamingBufferSlideToOffsetWithRegions
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.
Suricata es un sistema de detección de intrusiones, un sistema de prevención de intrusiones y un motor de monitoreo de seguridad de red. Antes de la versión 7.0.8, un flujo TCP especialmente manipulado puede provocar un desbordamiento de búfer muy grande mientras se llena con ceros durante la inicialización con memset debido a un desbordamiento de enteros sin signo. El problema se ha solucionado en Suricata 7.0.8.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-12-09 CVE Reserved
- 2024-12-12 CVE Published
- 2025-01-06 CVE Updated
- 2025-05-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-191: Integer Underflow (Wrap or Wraparound)
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd | X_refsource_misc | |
| https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be | X_refsource_misc | |
| https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432 | X_refsource_misc | |
| https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v | X_refsource_confirm | |
| https://redmine.openinfosecfoundation.org/issues/7393 | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|