Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.

INFO

Published Date :

2025-01-06T18:02:10.692Z

Last Modified :

2025-01-06T19:14:33.486Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-55628 vulnerability.

Vendors Products
Oisf
  • Suricata
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-55628.

URL Resource
https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951 cve-icon cve-icon
https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d cve-icon cve-icon
https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d cve-icon cve-icon
https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j cve-icon cve-icon
https://redmine.openinfosecfoundation.org/issues/7280 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact