CVE-2024-55627

Severity: High · EPSS 57.9%
Published Jan 6, 2025 · Modified Jun 17, 2026
CVSS 3.1 Base Score: 7.5 (High)

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.

CVSS Details

Base Score
7.5
Exploitability
3.9
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
57.9%
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 3

  • CWE-122 Heap-based Buffer Overflow
  • CWE-191 Integer Underflow (Wrap or Wraparound)
  • CWE-787 Out-of-bounds Write (Memory Safety)

Affected Products 1

Vendor   Product    Version   Range
oisf     suricata   *         <7.0.8

References 5

  • github.com https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd
    Patch
  • github.com https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be
    Patch
  • github.com https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432
    Patch
  • github.com https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v
    Vendor Advisory
  • redmine.openinfosecfoundation.org https://redmine.openinfosecfoundation.org/issues/7393
    Permissions Required

Remediation

  • github.com https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd
    Patch
  • github.com https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be
    Patch
  • github.com https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432
    Patch