Unlimited Resource Accumulation in Modbus Traffic
CVE-2024-38534

7.5HIGH

Key Information:

Vendor: Oisf
Status: Suricata
Vendor: CVE Published:; 11 July 2024

What is CVE-2024-38534?

Suricata, a widely-used network Intrusion Detection System and Network Security Monitoring engine, is impacted by a vulnerability that arises from crafted modbus traffic. This vulnerability can lead to unlimited resource accumulation within a single flow, potentially disrupting the functioning of the security engine. To mitigate this issue, it is advised to upgrade to version 7.0.6 and to set a limited value for the stream.reassembly.depth parameter, which helps in controlling the amount of unused resources. For further details and guidance, additional resources and advisories are available in the linked references.

Affected Version(s)

suricata < 7.0.6

References

https://github.com/OISF/suricata/security/advisories/GHSA...

x_refsource_CONFIRM

https://github.com/OISF/suricata/commit/a753cdbe84caee3b6...

x_refsource_MISC

https://redmine.openinfosecfoundation.org/issues/6987

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 11, 2024
Vulnerability Reserved
Jun 18, 2024

Oisf

What is CVE-2024-38534?

Affected Version(s)

References

CVSS V3.1

Timeline