CVE-2024-38535 - Vulnerability Details - OpenCVE

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

Published: 2024-07-11

Score: 7.5 High

EPSS: 1.1% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

OISF

suricata

affected

Version	Status	Constraints
`< 6.0.20`	affected	—
`>= 7.0.0, < 7.0.6`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:oisf:suricata::::::::
	cpe:2.3:a:oisf:suricata::::::::

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-37399	Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.01059.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7
https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2
https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
https://redmine.openinfosecfoundation.org/issues/7104
https://redmine.openinfosecfoundation.org/issues/7105
https://redmine.openinfosecfoundation.org/issues/7112

History

No history.

Subscriptions

Oisf Suricata

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-11T14:50:24.147Z

Updated: 2024-08-02T04:12:25.626Z

Reserved: 2024-06-18T16:37:02.729Z

Link: CVE-2024-38535

Vulnrichment

Updated: 2024-07-11T15:04:52.502Z

NVD

Status : Modified

Published: 2024-07-11T15:15:12.557

Modified: 2024-11-21T09:26:14.610

Link: CVE-2024-38535

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-770

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38535", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-18T16:37:02.729Z", "datePublished": "2024-07-11T14:50:24.147Z", "dateUpdated": "2024-08-02T04:12:25.626Z"}, "containers": {"cna": {"title": "Suricata http2: oom from duplicate headers", "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": "< 6.0.20", "status": "affected"}, {"version": ">= 7.0.0, < 7.0.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-11T14:50:24.147Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}], "source": {"advisory": "GHSA-cg8j-7mwm-v563", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "oisf", "product": "suricata", "cpes": ["cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "6.0.20", "versionType": "custom"}, {"version": "7.0.0", "status": "affected", "lessThan": "7.0.6", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T15:02:37.781270Z", "id": "CVE-2024-38535", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T18:08:53.690Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:12:25.626Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Suricata http2: oom from duplicate headers", "source": {"advisory": "GHSA-cg8j-7mwm-v563", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"status": "affected", "version": "< 6.0.20"}, {"status": "affected", "version": ">= 7.0.0, < 7.0.6"}]}], "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7104", "name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7105", "name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7112", "name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-11T14:50:24.147Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38535", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-11T15:02:37.781270Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"], "vendor": "oisf", "product": "suricata", "versions": [{"status": "affected", "version": "0", "lessThan": "6.0.20", "versionType": "custom"}, {"status": "affected", "version": "7.0.0", "lessThan": "7.0.6", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-07-11T15:04:52.502Z"}}]}, "cveMetadata": {"cveId": "CVE-2024-38535", "state": "PUBLISHED", "dateUpdated": "2024-07-11T14:50:24.147Z", "dateReserved": "2024-06-18T16:37:02.729Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-11T14:50:24.147Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F5A2B49-48DE-4DBF-9FB3-4CCF294E5B0E", "versionEndExcluding": "6.0.20", "vulnerable": true}, {"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "108D4F28-A795-4119-A750-9108C85201DC", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}, {"lang": "es", "value": "Suricata es un sistema de detecci\u00f3n de intrusiones en la red, un sistema de prevenci\u00f3n de intrusiones y un motor de monitoreo de seguridad de la red. Suricata puede quedarse sin memoria al analizar el tr\u00e1fico HTTP/2 manipulado. Actualice a 6.0.20 o 7.0.6."}], "id": "CVE-2024-38535", "lastModified": "2024-11-21T09:26:14.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-11T15:15:12.557", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"source": "security-advisories@github.com", "tags": ["Permissions Required"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}