CVE-2024-55627
Vulnerability from cvelistv5
Published
2025-01-06 17:50
Modified
2025-01-06 19:15
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.
References
security-advisories@github.comhttps://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd
security-advisories@github.comhttps://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be
security-advisories@github.comhttps://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432
security-advisories@github.comhttps://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v
security-advisories@github.comhttps://redmine.openinfosecfoundation.org/issues/7393
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-55627",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-06T19:15:00.575209Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-06T19:15:13.448Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "suricata",
          "vendor": "OISF",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.0.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122: Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-06T17:50:41.554Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v"
        },
        {
          "name": "https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd"
        },
        {
          "name": "https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be"
        },
        {
          "name": "https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432"
        },
        {
          "name": "https://redmine.openinfosecfoundation.org/issues/7393",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://redmine.openinfosecfoundation.org/issues/7393"
        }
      ],
      "source": {
        "advisory": "GHSA-h2mv-7gg8-8x7v",
        "discovery": "UNKNOWN"
      },
      "title": "Suricata segfault on StreamingBufferSlideToOffsetWithRegions"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-55627",
    "datePublished": "2025-01-06T17:50:41.554Z",
    "dateReserved": "2024-12-09T17:48:05.556Z",
    "dateUpdated": "2025-01-06T19:15:13.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.\"}, {\"lang\": \"es\", \"value\": \"Suricata es un sistema de detecci\\u00f3n de intrusiones, un sistema de prevenci\\u00f3n de intrusiones y un motor de monitoreo de seguridad de red. Antes de la versi\\u00f3n 7.0.8, un flujo TCP especialmente manipulado puede provocar un desbordamiento de b\\u00fafer muy grande mientras se llena con ceros durante la inicializaci\\u00f3n con memset debido a un desbordamiento de enteros sin signo. El problema se ha solucionado en Suricata 7.0.8.\"}]",
      "id": "CVE-2024-55627",
      "lastModified": "2025-01-06T18:15:22.757",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}]}",
      "published": "2025-01-06T18:15:22.757",
      "references": "[{\"url\": \"https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7393\", \"source\": \"security-advisories@github.com\"}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-122\"}, {\"lang\": \"en\", \"value\": \"CWE-191\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-55627\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-01-06T18:15:22.757\",\"lastModified\":\"2025-01-06T18:15:22.757\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"},{\"lang\":\"en\",\"value\":\"CWE-191\"}]}],\"references\":[{\"url\":\"https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://redmine.openinfosecfoundation.org/issues/7393\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-55627\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-06T19:15:00.575209Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-06T19:15:09.460Z\"}}], \"cna\": {\"title\": \"Suricata segfault on StreamingBufferSlideToOffsetWithRegions\", \"source\": {\"advisory\": \"GHSA-h2mv-7gg8-8x7v\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"OISF\", \"product\": \"suricata\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 7.0.8\"}]}], \"references\": [{\"url\": \"https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v\", \"name\": \"https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd\", \"name\": \"https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be\", \"name\": \"https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432\", \"name\": \"https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://redmine.openinfosecfoundation.org/issues/7393\", \"name\": \"https://redmine.openinfosecfoundation.org/issues/7393\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-191\", \"description\": \"CWE-191: Integer Underflow (Wrap or Wraparound)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122: Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-01-06T17:50:41.554Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-55627\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-06T19:15:13.448Z\", \"dateReserved\": \"2024-12-09T17:48:05.556Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-01-06T17:50:41.554Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.