Suricata Fixes Memory Leak in Pgsql Parsing
CVE-2024-23835

7.5HIGH

Key Information:

Vendor: Oisf
Status: Suricata
Vendor: CVE Published:; 26 February 2024

What is CVE-2024-23835?

The Suricata network Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and Network Security Monitoring engine is affected by a vulnerability that arises from excessive memory usage during the parsing of pgsql data. This issue can lead to out-of-memory (OOM) conditions, potentially causing crashes of the engine before version 7.0.3. Users are encouraged to upgrade to version 7.0.3 or implement a workaround by disabling the pgsql application layer parser to mitigate the risk of system failures.

Affected Version(s)

suricata >= 7.0.0, <= 7.0.2

References

https://github.com/OISF/suricata/security/advisories/GHSA...

x_refsource_CONFIRM

https://github.com/OISF/suricata/commit/86de7cffa7e8f06fe...

x_refsource_MISC

https://github.com/OISF/suricata/commit/f52c033e566beafb4...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 26, 2024
Vulnerability Reserved
Jan 22, 2024

Oisf

What is CVE-2024-23835?

Affected Version(s)

References

CVSS V3.1

Timeline