#VU128044 Always-Incorrect Control Flow Implementation in Suricata - CVE-2024-37151

 


Published: July 11, 2024 / Updated: April 27, 2026


Vulnerability identifier: #VU128044
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2024-37151
CWE-ID: CWE-670
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Suricata
Software vendor: Open Information Security Foundation

Description

The vulnerability allows a remote attacker to bypass security policy enforcement.

The vulnerability exists due to improper handling of fragmented packets in the defragmentation functionality when processing multiple fragmented packets using the same IP ID value. A remote attacker can send specially crafted fragmented packets to bypass security policy enforcement.


Remediation

Install the security update from the vendor's website.
