CVE-2024-38535

moderate-risk
Published 2024-07-11

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

Do I need to act?

~
1.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Oisf

References (12)

Patch https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7
Patch https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2
Vendor Advisory https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
Permissions Required https://redmine.openinfosecfoundation.org/issues/7104
Issue Tracking https://redmine.openinfosecfoundation.org/issues/7105
Issue Tracking https://redmine.openinfosecfoundation.org/issues/7112
Patch https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7
Patch https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2
Vendor Advisory https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
Permissions Required https://redmine.openinfosecfoundation.org/issues/7104
Issue Tracking https://redmine.openinfosecfoundation.org/issues/7105
Issue Tracking https://redmine.openinfosecfoundation.org/issues/7112
34
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 3/34 · Minimal
Exposure 5/34 · Minimal