Vulnerability Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extreme slowdowns and denial of service. This vulnerability is patched in 6.0.16 and 7.0.3. Workarounds include disabling the affected protocol app-layer parser in the YAML configuration; reducing the `stream.reassembly.depth` value also helps reduce the severity of the issue.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oisf | Suricata | < 6.0.16 |
| Fedoraproject | Fedora | 38 |
Related Weaknesses (CWE)
References
- Patch: https://github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7
- Patch: https://github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747
- Patch: https://github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7
- Patch: https://github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc
- Patch: https://github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97
- Patch: https://github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8
- Patch: https://github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786
- Patch: https://github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5
- Patch: https://github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01
- Patch: https://github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af
- Vendor Advisory: https://github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc
- Mailing List: https://lists.fedoraproject.org/archives/list/[email protected]
- Mailing List: https://lists.fedoraproject.org/archives/list/[email protected]
- Issue Tracking: https://redmine.openinfosecfoundation.org/issues/6531
- Issue Tracking: https://redmine.openinfosecfoundation.org/issues/6532
FAQ
What is CVE-2024-23836?
CVE-2024-23836 is a vulnerability with a CVSS score of 7.5 (HIGH). Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricat...
How severe is CVE-2024-23836?
CVE-2024-23836 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2024-23836?
Check the references section above for vendor advisories and patch information. Affected products include: Oisf Suricata, Fedoraproject Fedora.