{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-55627", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-12-09T17:48:05.556Z", "datePublished": "2025-01-06T17:50:41.554Z", "dateUpdated": "2025-01-06T19:15:13.448Z"}, "containers": {"cna": {"title": "Suricata segfault on StreamingBufferSlideToOffsetWithRegions", "problemTypes": [{"descriptions": [{"cweId": "CWE-191", "lang": "en", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-122", "lang": "en", "description": "CWE-122: Heap-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v"}, {"name": "https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd"}, {"name": "https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be"}, {"name": "https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432"}, {"name": "https://redmine.openinfosecfoundation.org/issues/7393", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/7393"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": "< 7.0.8", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-01-06T17:50:41.554Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8."}], "source": {"advisory": "GHSA-h2mv-7gg8-8x7v", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-06T19:15:00.575209Z", "id": "CVE-2024-55627", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-06T19:15:13.448Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-55627", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-06T19:15:00.575209Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-06T19:15:09.460Z"}}], "cna": {"title": "Suricata segfault on StreamingBufferSlideToOffsetWithRegions", "source": {"advisory": "GHSA-h2mv-7gg8-8x7v", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"status": "affected", "version": "< 7.0.8"}]}], "references": [{"url": "https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v", "name": "https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd", "name": "https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be", "name": "https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432", "name": "https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432", "tags": ["x_refsource_MISC"]}, {"url": "https://redmine.openinfosecfoundation.org/issues/7393", "name": "https://redmine.openinfosecfoundation.org/issues/7393", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-191", "description": "CWE-191: Integer Underflow (Wrap or Wraparound)"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-01-06T17:50:41.554Z"}}}, "cveMetadata": {"cveId": "CVE-2024-55627", "state": "PUBLISHED", "dateUpdated": "2025-01-06T19:15:13.448Z", "dateReserved": "2024-12-09T17:48:05.556Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-01-06T17:50:41.554Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "517BC70F-1F21-47EF-81FC-00A0B71E6EB4", "versionEndExcluding": "7.0.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8."}, {"lang": "es", "value": "Suricata es un sistema de detecci\u00f3n de intrusiones, un sistema de prevenci\u00f3n de intrusiones y un motor de monitoreo de seguridad de red. Antes de la versi\u00f3n 7.0.8, un flujo TCP especialmente manipulado puede provocar un desbordamiento de b\u00fafer muy grande mientras se llena con ceros durante la inicializaci\u00f3n con memset debido a un desbordamiento de enteros sin signo. El problema se ha solucionado en Suricata 7.0.8."}], "id": "CVE-2024-55627", "lastModified": "2025-03-31T13:40:33.967", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-01-06T18:15:22.757", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v"}, {"source": "security-advisories@github.com", "tags": ["Permissions Required"], "url": "https://redmine.openinfosecfoundation.org/issues/7393"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}, {"lang": "en", "value": "CWE-191"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}