CVE-2024-32867

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-32867
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9 Patch
https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66 Patch
https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634 Patch
https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b Patch
https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9 Patch
https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8 Patch
https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5 Vendor Advisory
https://redmine.openinfosecfoundation.org/issues/6672 Issue Tracking
https://redmine.openinfosecfoundation.org/issues/6673 Issue Tracking
https://redmine.openinfosecfoundation.org/issues/6677 Issue Tracking
https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9 Patch
https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66 Patch
https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634 Patch
https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b Patch
https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9 Patch
https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8 Patch
https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5 Vendor Advisory
https://redmine.openinfosecfoundation.org/issues/6672 Issue Tracking
https://redmine.openinfosecfoundation.org/issues/6673 Issue Tracking
https://redmine.openinfosecfoundation.org/issues/6677 Issue Tracking
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*
cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2024-05-07 15:15

Updated : 2024-12-19 19:48

NVD link : CVE-2024-32867

Mitre link : CVE-2024-32867

CVE.ORG link : CVE-2024-32867

JSON object : View

Products Affected

oisf

  • suricata
CWE
CWE-754

Improper Check for Unusual or Exceptional Conditions