Use of insufficiently random values in Suricata - CVE-2024-47188
Published: October 16, 2024 / Updated: April 27, 2026
Suricata
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to use of insufficiently random values in http/byte-ranges byte-range tracking when processing byte-range data. A remote attacker can force large amounts of data into a single hash bucket to cause a denial of service.
The issue results in predictable hash table behavior and can lead to severe performance degradation.