CVE-2024-55627

Suricata segfault on StreamingBufferSlideToOffsetWithRegions

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.

INFO

Published Date :

2025-01-06T17:50:41.554Z

Last Modified :

2025-01-06T19:15:13.448Z

Source :

GitHub_M

AFFECTED PRODUCTS

The following products are affected by CVE-2024-55627 vulnerability.

Vendors	Products
Oisf	Suricata

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-55627.

URL	Resource
https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd
https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be
https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432
https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v
https://redmine.openinfosecfoundation.org/issues/7393

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact