SB20240711247 - Multiple vulnerabilities in Suricata
Published: July 11, 2024 Updated: April 27, 2026
Description
This security bulletin contains information about 4 security vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2024-38536)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a null pointer dereference in the http/range handling code when processing HTTP traffic after http.memcap is reached. A remote attacker can send network traffic that triggers memory allocation failure to cause a denial of service.
2) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2024-38534)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to allocation of resources without limits or throttling in the modbus parser when processing crafted modbus traffic. A remote attacker can send specially crafted modbus traffic to cause a denial of service.
The issue can lead to unlimited resource accumulation within a flow. The modbus parser is disabled by default.
3) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2024-38535)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to allocation of resources without limits or throttling in the HTTP/2 parser when parsing crafted HTTP/2 traffic with duplicate headers. A remote attacker can send specially crafted HTTP/2 traffic to cause a denial of service.
4) Always-Incorrect Control Flow Implementation (CVE-ID: CVE-2024-37151)
The vulnerability allows a remote attacker to bypass security policy enforcement.
The vulnerability exists due to improper handling of fragmented packets in the defragmentation functionality when processing multiple fragmented packets using the same IP ID value. A remote attacker can send specially crafted fragmented packets to bypass security policy enforcement.
Remediation
Install the update from the vendor's website.
References
- https://github.com/OISF/suricata/security/advisories/GHSA-j32j-4w6g-94hh
- https://github.com/OISF/suricata/security/advisories/GHSA-59qg-h357-69fq
- https://github.com/advisories/GHSA-59qg-h357-69fq
- https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
- https://github.com/advisories/GHSA-cg8j-7mwm-v563
- https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24