Suricata: Heap Use After Free Vulnerability Affects Network Security
CVE-2024-23839

7.1 HIGH

Key Information:

Vendor: Oisf
Status: Vendor
CVE Published: 26 February 2024

What is CVE-2024-23839?

In the Suricata network intrusion detection and prevention system, a heap use-after-free vulnerability exists in versions prior to 7.0.3. It is triggered by specially crafted network traffic when rules use the http.request_header or http.response_header keywords. The flaw allows an attacker to potentially exploit the sensor itself, compromising network security monitoring. Users are advised to upgrade to Suricata version 7.0.3 or later to mitigate the risks associated with this vulnerability. Alternatively, avoiding the use of the specified keywords in the ruleset provides a temporary workaround. For detailed information and patch notes, please refer to the official advisories.
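To help decide whether the upgrade or the keyword workaround applies to a given deployment, the following added example (not from the advisory or the Suricata project) checks a version string against the affected range and scans a ruleset for the two keywords named above. The rule lines and the `assess` helper are constructed for illustration.

```python
import re

# Keywords and version range named in the CVE-2024-23839 advisory.
AFFECTED_KEYWORDS = ("http.request_header", "http.response_header")
AFFECTED_MIN = (7, 0, 0)   # inclusive: first affected release
FIXED = (7, 0, 3)          # exclusive: first fixed release


def parse_version(text):
    """Extract the first X.Y.Z triple, e.g. from 'This is Suricata version 7.0.2 RELEASE'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no X.Y.Z version found in %r" % text)
    return tuple(int(x) for x in m.groups())


def is_affected_version(text):
    """True when the version falls in >= 7.0.0, < 7.0.3."""
    return AFFECTED_MIN <= parse_version(text) < FIXED


def find_affected_rules(rules_text):
    """Return (line_number, sid, keywords) for each active rule that uses an affected keyword.
    Commented-out (disabled) rules are skipped; \\b keeps e.g. http.request_header_names unmatched."""
    hits = []
    for lineno, line in enumerate(rules_text.splitlines(), 1):
        s = line.strip()
        if not s or s.startswith("#"):
            continue
        used = [k for k in AFFECTED_KEYWORDS if re.search(r"\b" + re.escape(k) + r"\b", s)]
        if used:
            m = re.search(r"\bsid\s*:\s*(\d+)", s)
            hits.append((lineno, int(m.group(1)) if m else None, used))
    return hits


def assess(version_text, rules_text):
    """Exposed only if both the version is affected and an active rule uses a listed keyword."""
    vulnerable = is_affected_version(version_text)
    hits = find_affected_rules(rules_text)
    return {"affected_version": vulnerable, "hits": hits, "exposed": vulnerable and bool(hits)}


# Constructed sample ruleset (sids are placeholders, not real signatures).
SAMPLE_RULES = """\
# constructed sample ruleset
alert http any any -> any any (msg:"request header buffer"; http.request_header; content:"X-Custom"; sid:1000001; rev:1;)
alert http any any -> any any (msg:"plain uri rule"; http.uri; content:"/admin"; sid:1000002; rev:1;)
# alert http any any -> any any (msg:"disabled"; http.response_header; content:"Set-Cookie"; sid:1000003; rev:1;)
alert http any any -> any any (msg:"response header"; http.response_header; content:"Server"; sid:1000004; rev:1;)
"""

if __name__ == "__main__":
    print(assess("This is Suricata version 7.0.2 RELEASE", SAMPLE_RULES))
```

Feed it the output of `suricata -V` and the concatenated rule files from the sensor's rule path; a non-empty `hits` list on an affected version identifies the rules to disable until 7.0.3 is deployed.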

Affected Version(s)

suricata >= 7.0.0, < 7.0.3

References

CVSS V3.1

Score: 7.1
Severity: HIGH
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
