CVE-2024-32663

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19. Workarounds include disabling the HTTP/2 parser and reducing `app-layer.protocols.http2.max-table-size` value (default is 65536).

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64	Patch
https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd	Patch
https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019	Patch
https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5	Patch
https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r	Vendor Advisory
https://redmine.openinfosecfoundation.org/issues/6892	Issue Tracking
https://redmine.openinfosecfoundation.org/issues/6900	Issue Tracking
https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64	Patch
https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd	Patch
https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019	Patch
https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5	Patch
https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r	Vendor Advisory
https://redmine.openinfosecfoundation.org/issues/6892	Issue Tracking
https://redmine.openinfosecfoundation.org/issues/6900	Issue Tracking

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oisf:suricata::::::::
	cpe:2.3:a:oisf:suricata::::::::

History

19 Dec 2024, 19:40

Type	Values Removed	Values Added
CPE		cpe:2.3:a:oisf:suricata::::::::
References	~~() https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64 -~~	() https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64 - Patch
References	~~() https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd -~~	() https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd - Patch
References	~~() https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019 -~~	() https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019 - Patch
References	~~() https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5 -~~	() https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5 - Patch
References	~~() https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r -~~	() https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r - Vendor Advisory
References	~~() https://redmine.openinfosecfoundation.org/issues/6892 -~~	() https://redmine.openinfosecfoundation.org/issues/6892 - Issue Tracking
References	~~() https://redmine.openinfosecfoundation.org/issues/6900 -~~	() https://redmine.openinfosecfoundation.org/issues/6900 - Issue Tracking
First Time		Oisf suricata Oisf

21 Nov 2024, 09:15

Type	Values Removed	Values Added
Summary		(es) Suricata es un sistema de detección de intrusiones en la red, un sistema de prevención de intrusiones y un motor de monitoreo de seguridad de la red. Antes de 7.0.5 y 6.0.19, una pequeña cantidad de tráfico HTTP/2 puede hacer que Suricata utilice una gran cantidad de memoria. El problema se solucionó en Suricata 7.0.5 y 6.0.19. Los workarounds incluyen deshabilitar el analizador HTTP/2 y reducir el valor `app-layer.protocols.http2.max-table-size` (el valor predeterminado es 65536).
References	~~() https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64 -~~	() https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64 -
References	~~() https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd -~~	() https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd -
References	~~() https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019 -~~	() https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019 -
References	~~() https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5 -~~	() https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5 -
References	~~() https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r -~~	() https://github.com/OISF/suricata/security/advisories/GHSA-9jxm-qw9v-266r -
References	~~() https://redmine.openinfosecfoundation.org/issues/6892 -~~	() https://redmine.openinfosecfoundation.org/issues/6892 -
References	~~() https://redmine.openinfosecfoundation.org/issues/6900 -~~	() https://redmine.openinfosecfoundation.org/issues/6900 -

07 May 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-07 15:15

Updated : 2024-12-19 19:40

NVD link : CVE-2024-32663

Mitre link : CVE-2024-32663

CVE.ORG link : CVE-2024-32663

JSON object : View

Products Affected

oisf

suricata

CWE

CWE-400

Uncontrolled Resource Consumption

CWE-770

Allocation of Resources Without Limits or Throttling

7.5 /10