CVE-2024-55628

moderate-risk

Published 2025-01-06

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.

Do I need to act?

0.54% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (1)

Suricata

Affected Vendors

Oisf

References (5)

Patch https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951

Patch https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d

Patch https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d

Vendor Advisory https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j

Permissions Required https://redmine.openinfosecfoundation.org/issues/7280

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 2/34 · Minimal

Exposure 5/34 · Minimal