Lucene search

Alpine Linux Development TeamALPINE:CVE-2024-32664

HistoryMay 07, 2024 - 3:15 p.m.

CVE-2024-32664

2024-05-0715:15:08

Alpine Linux Development Team

security.alpinelinux.org

suricata

network security monitoring

buffer overflow

vulnerability

cve-2024-32664

prevention system

unix

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

6.9

Confidence

Low

JSON

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not use rules with base64_decode keyword with bytes option with value 1, 2 or 5 and for 7.0.x, setting app-layer.protocols.smtp.mime.body-md5 to false.

OSVersionArchitecturePackageVersionFilename
Alpine3.20-communitynoarchsuricata< 7.0.6-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	3.20-community	noarch	suricata	< 7.0.6-r0	UNKNOWN

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

6.9

Confidence

Low

JSON

Related for ALPINE:CVE-2024-32664