Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash table behavior. This can lead to an attacker forcing lots of data into a single hash bucket, leading to severe performance degradation. This issue has been addressed in 7.0.7.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00092}

epss

{'score': 0.00103}


Tue, 22 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Oisf
Oisf suricata
Weaknesses CWE-327
CPEs cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*
Vendors & Products Oisf
Oisf suricata

Wed, 16 Oct 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 16 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
Description Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash table behavior. This can lead to an attacker forcing lots of data into a single hash bucket, leading to severe performance degradation. This issue has been addressed in 7.0.7.
Title Suricata http/byte-ranges: missing hashtable random seed leads to potential DoS
Weaknesses CWE-330
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2024-10-16T19:38:54.398Z

Reserved: 2024-09-19T22:32:11.964Z

Link: CVE-2024-47188

cve-icon Vulnrichment

Updated: 2024-10-16T19:38:50.559Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-16T19:15:27.670

Modified: 2024-10-22T13:50:17.493

Link: CVE-2024-47188

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.