Main Vulnerability Database Vulnerabilities #VU102514

#VU102514 Input validation error in Suricata - CVE-2024-55629

Published: January 10, 2025

Vulnerability identifier: #VU102514

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2024-55629

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Suricata

Software vendor:
Open Information Security Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect handling of TCP streams with TCP urgent data (out of band data), which can lead to Suricata analyzing data differently than the applications at the TCP endpoints. A remote attacker can bypass generic detection when using TCP urgent support.

Remediation

Install updates from vendor's website.

External links

https://github.com/OISF/suricata/commit/6882bcb3e51bd3cf509fb6569cc30f48d7bb53d7
https://github.com/OISF/suricata/commit/779f9d8ba35c3f9b5abfa327d3a4209861bd2eb8
https://github.com/OISF/suricata/security/advisories/GHSA-69wr-vhwg-84h2
https://redmine.openinfosecfoundation.org/issues/7411

#VU102514 Input validation error in Suricata - CVE-2024-55629

Description

Remediation

External links

Please verify you're human