CVE-2024-55628

EUVD-2024-52826
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
Amplification
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
GitHub_MCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
oisfsuricata
𝑥
< 7.0.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
suricata
bookworm
no-dsa
bullseye
vulnerable
bullseye (security)
vulnerable
forky
1:8.0.2-1
fixed
sid
1:8.0.2-1
fixed
trixie
1:7.0.10-1+deb13u1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
suricata
bionic
needs-triage
focal
dne
jammy
needs-triage
noble
needs-triage
oracular
ignored
plucky
not-affected
questing
not-affected
xenial
needs-triage
Common Weakness Enumeration
References
https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951
https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d
https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d
https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j
https://redmine.openinfosecfoundation.org/issues/7280