Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.
References (6)
Core 6
Core References
Vendor Advisory x_refsource_confirm
https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
Patch x_refsource_misc
https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7
Patch x_refsource_misc
https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2
Permissions Required x_refsource_misc
https://redmine.openinfosecfoundation.org/issues/7104
Issue Tracking x_refsource_misc
https://redmine.openinfosecfoundation.org/issues/7105
Issue Tracking x_refsource_misc
https://redmine.openinfosecfoundation.org/issues/7112
Scores
CVSS v3
7.5
EPSS
0.0106
EPSS Percentile
77.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-770
Status
published
Products (1)
oisf/suricata
< 6.0.20
Published
Jul 11, 2024
Tracked Since
Feb 18, 2026