CVE-2024-55626

March 31, 2025, 1:52 p.m.

3.3
Low

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8.

Product(s) Impacted

Vendor Product Versions
Oisf
  • Suricata
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-680
Integer Overflow to Buffer Overflow
The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a oisf suricata / / / / / / / /

References

https://github.com/OISF/suricata/commit/dd71ef0af222a566e54dfc479dd1951dd17d7ceb
https://github.com/OISF/suricata/security/advisories/GHSA-wmg4-jqx5-4h9v
https://redmine.openinfosecfoundation.org/issues/7366

Tags

security-advisories@github.com
CWE-680
2025-01-06
CVE-2024-55626

CVSS Score

3.3 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: LOW

    • CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

    View Vector String

Timeline

Published: Jan. 6, 2025, 6:15 p.m.
Last Modified: March 31, 2025, 1:52 p.m.

Status : Analyzed

CVE has had analysis completed and all data associations made.

More info

Source

security-advisories@github.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.