CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
17.1%
suricata is vulnerable to Denial Of Service(DoS) . The vulnerability is due to consume excessive CPU and memory resources when processing crafted network traffic which could allow an attacker to craft traffic in a way that causes Suricata to consume excessive CPU and memory, leading to extreme slowdowns and potentially a denial of service.
github.com/OISF/suricata/commit/18841a58da71e735ddf4e52cbfa6989755ecbeb7
github.com/OISF/suricata/commit/2a2120ecf10c5b5713ec2bf59469fe57f7b5b747
github.com/OISF/suricata/commit/83c5567ea7b0b28376f57dcfee9c6301448c7bc7
github.com/OISF/suricata/commit/8efaebe293e2a74c8e323fa85a6f5fadf82801bc
github.com/OISF/suricata/commit/97953998d2d60673ed6c30ddfb6a2d59b4230f97
github.com/OISF/suricata/commit/b1549e930f6426eeff43f12b672337cbcda566b8
github.com/OISF/suricata/commit/cd035d59e3df157b606f4fe67324ea8e437be786
github.com/OISF/suricata/commit/ce9b90326949c94a46611d6394e28600ee5e8bd5
github.com/OISF/suricata/commit/e7e28822f473320658d6125f16ac3f0524baff01
github.com/OISF/suricata/commit/f9de1cca6182e571f1c02387dca6e695e55608af
github.com/OISF/suricata/security/advisories/GHSA-q33q-45cr-3cpc
lists.fedoraproject.org/archives/list/[email protected]/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/
lists.fedoraproject.org/archives/list/[email protected]/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/
redmine.openinfosecfoundation.org/issues/6531
redmine.openinfosecfoundation.org/issues/6532
redmine.openinfosecfoundation.org/issues/6540
redmine.openinfosecfoundation.org/issues/6658
redmine.openinfosecfoundation.org/issues/6659
redmine.openinfosecfoundation.org/issues/6660
security-tracker.debian.org/tracker/CVE-2024-23836