Memory usage issue in Suricata 7.0.5 and 6.0.19 resolved
CVE-2024-32663

7.5HIGH

Key Information:

Vendor

Oisf

Status
Suricata
Vendor
CVE Published:
7 May 2024

What is CVE-2024-32663?

A memory management vulnerability exists in Suricata, a prominent network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring engine. This flaw allows a limited amount of HTTP/2 traffic to potentially cause Suricata to consume an excessive amount of memory, leading to performance degradation. The issue has been rectified in Suricata versions 7.0.5 and 6.0.19. As a temporary workaround, users can disable the HTTP/2 parser or adjust the configuration by reducing the default value of app-layer.protocols.http2.max-table-size, which is set to 65536.

Affected Version(s)

suricata >= 7.0.0, <= 7.0.4 <= 7.0.0, 7.0.4

suricata >= 6.0.0, <= 6.0.18 <= 6.0.0, 6.0.18

References

https://github.com/OISF/suricata/security/advisories/GHSA...
x_refsource_CONFIRM
https://github.com/OISF/suricata/commit/08d93f7c3762781b7...
x_refsource_MISC
https://github.com/OISF/suricata/commit/c0af92295e833d1db...
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-32663 : Memory usage issue in Suricata 7.0.5 and 6.0.19 resolved