CVE-2024-55627
Suricata Unsigned Integer Underflow Buffer Overflow Vulnerability
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.
INFO
Published Date :
Jan. 6, 2025, 6:15 p.m.
Last Modified :
Jan. 6, 2025, 6:15 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
3.6
Exploitability Score :
2.2
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-55627.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-55627 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2024-55627 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by [email protected]
Jan. 06, 2025
Action Type Old Value New Value Added Description Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8. Added CVSS V3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Added CWE CWE-191 Added CWE CWE-122 Added Reference https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd Added Reference https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be Added Reference https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432 Added Reference https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v Added Reference https://redmine.openinfosecfoundation.org/issues/7393
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-55627 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-55627
weaknesses.