CVE-2024-45796
MEDIUM
Suricata < 7.0.7 - Denial of Service via Fragment Reassembly Logic Error
Title source: llm
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior. This issue has been addressed in 7.0.7.
References (3)
Core References
Issue Tracking x_refsource_misc
https://redmine.openinfosecfoundation.org/issues/7067
Third Party Advisory x_refsource_confirm
https://github.com/OISF/suricata/security/advisories/GHSA-mf6r-3xp2-v7xg
Scores
CVSS v3
5.3
EPSS
0.0047
EPSS Percentile
37.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-193
Status
published
Products (2)
oisf/suricata
< 7.0.7
OISF/suricata
< 7.0.7
Published
Oct 16, 2024
Tracked Since
Feb 18, 2026