CVE-2024-38535 - OpenCVE

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Oisf	Suricata

Configuration 1 [-]

OR	cpe:2.3:a:oisf:suricata::::::::
	cpe:2.3:a:oisf:suricata::::::::

No data.

References

Link	Providers
https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7
https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2
https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
https://redmine.openinfosecfoundation.org/issues/7104
https://redmine.openinfosecfoundation.org/issues/7105
https://redmine.openinfosecfoundation.org/issues/7112

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-11T14:50:24.147Z

Updated: 2024-08-02T04:12:25.626Z

Reserved: 2024-06-18T16:37:02.729Z

Link: CVE-2024-38535

Vulnrichment

Updated: 2024-07-11T15:04:52.502Z

NVD

Status : Analyzed

Published: 2024-07-11T15:15:12.557

Modified: 2024-07-12T18:46:12.900

Link: CVE-2024-38535

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38535", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-18T16:37:02.729Z", "datePublished": "2024-07-11T14:50:24.147Z", "dateUpdated": "2024-08-02T04:12:25.626Z"}, "containers": {"cna": {"title": "Suricata http2: oom from duplicate headers", "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": "< 6.0.20", "status": "affected"}, {"version": ">= 7.0.0, < 7.0.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-11T14:50:24.147Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}], "source": {"advisory": "GHSA-cg8j-7mwm-v563", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "oisf", "product": "suricata", "cpes": ["cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "6.0.20", "versionType": "custom"}, {"version": "7.0.0", "status": "affected", "lessThan": "7.0.6", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T15:02:37.781270Z", "id": "CVE-2024-38535", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T18:08:53.690Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:12:25.626Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Suricata http2: oom from duplicate headers", "source": {"advisory": "GHSA-cg8j-7mwm-v563", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"status": "affected", "version": "< 6.0.20"}, {"status": "affected", "version": ">= 7.0.0, < 7.0.6"}]}], "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7104", "name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7105", "name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7112", "name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-11T14:50:24.147Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38535", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-11T15:02:37.781270Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"], "vendor": "oisf", "product": "suricata", "versions": [{"status": "affected", "version": "0", "lessThan": "6.0.20", "versionType": "custom"}, {"status": "affected", "version": "7.0.0", "lessThan": "7.0.6", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-07-11T15:04:52.502Z"}}]}, "cveMetadata": {"cveId": "CVE-2024-38535", "state": "PUBLISHED", "dateUpdated": "2024-07-11T14:50:24.147Z", "dateReserved": "2024-06-18T16:37:02.729Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-11T14:50:24.147Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F5A2B49-48DE-4DBF-9FB3-4CCF294E5B0E", "versionEndExcluding": "6.0.20", "vulnerable": true}, {"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "108D4F28-A795-4119-A750-9108C85201DC", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}, {"lang": "es", "value": "Suricata es un sistema de detecci\u00f3n de intrusiones en la red, un sistema de prevenci\u00f3n de intrusiones y un motor de monitoreo de seguridad de la red. Suricata puede quedarse sin memoria al analizar el tr\u00e1fico HTTP/2 manipulado. Actualice a 6.0.20 o 7.0.6."}], "id": "CVE-2024-38535", "lastModified": "2024-07-12T18:46:12.900", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-07-11T15:15:12.557", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"source": "security-advisories@github.com", "tags": ["Permissions Required"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-770"}], "source": "security-advisories@github.com", "type": "Secondary"}]}