CVE-2024-38535 - Vulnerability Details - OpenCVE

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00826.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Oisf	Suricata

Configuration 1 [-]

OR	cpe:2.3:a:oisf:suricata::::::::
	cpe:2.3:a:oisf:suricata::::::::

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-37399	Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7
https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2
https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563
https://redmine.openinfosecfoundation.org/issues/7104
https://redmine.openinfosecfoundation.org/issues/7105
https://redmine.openinfosecfoundation.org/issues/7112

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-11T14:50:24.147Z

Updated: 2024-08-02T04:12:25.626Z

Reserved: 2024-06-18T16:37:02.729Z

Link: CVE-2024-38535

Vulnrichment

Updated: 2024-07-11T15:04:52.502Z

NVD

Status : Modified

Published: 2024-07-11T15:15:12.557

Modified: 2024-11-21T09:26:14.610

Link: CVE-2024-38535

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-38535", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-06-18T16:37:02.729Z", "datePublished": "2024-07-11T14:50:24.147Z", "dateUpdated": "2024-08-02T04:12:25.626Z"}, "containers": {"cna": {"title": "Suricata http2: oom from duplicate headers", "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": "< 6.0.20", "status": "affected"}, {"version": ">= 7.0.0, < 7.0.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-11T14:50:24.147Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}], "source": {"advisory": "GHSA-cg8j-7mwm-v563", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "oisf", "product": "suricata", "cpes": ["cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "6.0.20", "versionType": "custom"}, {"version": "7.0.0", "status": "affected", "lessThan": "7.0.6", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-11T15:02:37.781270Z", "id": "CVE-2024-38535", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-11T18:08:53.690Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:12:25.626Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Suricata http2: oom from duplicate headers", "source": {"advisory": "GHSA-cg8j-7mwm-v563", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"status": "affected", "version": "< 6.0.20"}, {"status": "affected", "version": ">= 7.0.0, < 7.0.6"}]}], "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "name": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "name": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "name": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7104", "name": "https://redmine.openinfosecfoundation.org/issues/7104", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7105", "name": "https://redmine.openinfosecfoundation.org/issues/7105", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7112", "name": "https://redmine.openinfosecfoundation.org/issues/7112", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-11T14:50:24.147Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-38535", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-11T15:02:37.781270Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"], "vendor": "oisf", "product": "suricata", "versions": [{"status": "affected", "version": "0", "lessThan": "6.0.20", "versionType": "custom"}, {"status": "affected", "version": "7.0.0", "lessThan": "7.0.6", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-07-11T15:04:52.502Z"}}]}, "cveMetadata": {"cveId": "CVE-2024-38535", "state": "PUBLISHED", "dateUpdated": "2024-07-11T14:50:24.147Z", "dateReserved": "2024-06-18T16:37:02.729Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-11T14:50:24.147Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F5A2B49-48DE-4DBF-9FB3-4CCF294E5B0E", "versionEndExcluding": "6.0.20", "vulnerable": true}, {"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "108D4F28-A795-4119-A750-9108C85201DC", "versionEndExcluding": "7.0.6", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Suricata can run out of memory when parsing crafted HTTP/2 traffic. Upgrade to 6.0.20 or 7.0.6."}, {"lang": "es", "value": "Suricata es un sistema de detecci\u00f3n de intrusiones en la red, un sistema de prevenci\u00f3n de intrusiones y un motor de monitoreo de seguridad de la red. Suricata puede quedarse sin memoria al analizar el tr\u00e1fico HTTP/2 manipulado. Actualice a 6.0.20 o 7.0.6."}], "id": "CVE-2024-38535", "lastModified": "2024-11-21T09:26:14.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-11T15:15:12.557", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"source": "security-advisories@github.com", "tags": ["Permissions Required"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/62d5cac1b8483d5f9d2b79833a4e59f5d80129b7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/c82fa5ca0d1ce0bd8f936e0b860707a6571373b2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-cg8j-7mwm-v563"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "https://redmine.openinfosecfoundation.org/issues/7104"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7105"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/7112"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}