CVE-2024-55627 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2024-55627

CVE-2024-55627

January 06, 2025

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.

Related Resources (5)

https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd

https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v

https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432

https://redmine.openinfosecfoundation.org/issues/7393

https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be

Do you need more information?

CVSS v4

Base Score:

8.2

Attack Vector

NETWORK

Attack Complexity

HIGH

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

NONE

Vulnerable System Integrity

NONE

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Weakness Type (CWE)

Heap-based Buffer Overflow

CWE-122

Integer Underflow (Wrap or Wraparound)

CWE-191

Out-of-bounds Write

CWE-787

EPSS

Base Score:

0.16

Products

Solutions

Resources

Company

Compare

Developer Tools