Predictable hash table behavior in versions prior to 7.0.7
CVE-2024-47187

7.5HIGH

Key Information:

Vendor: Suricata
Status: Suricata
Vendor: CVE Published:; 16 October 2024

What is CVE-2024-47187?

The vulnerability in Suricata, a robust network Intrusion Detection and Prevention System, originates from a flaw in the initialization of the random seed for the 'thash' algorithm. This oversight results in predictable behavior in hash tables, leading to significant performance degradation. Users may experience prolonged loading times for datasets and suboptimal runtime performance during traffic handling. As a proactive measure, users are advised to avoid loading datasets from untrusted sources and refrain from utilizing dataset rules that monitor traffic.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/OISF/suricata/security/advisories/GHSA...

https://redmine.openinfosecfoundation.org/issues/7209

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2024

JSON

Suricata

What is CVE-2024-47187?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.