CVE-2024-23836

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-23836

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-23836.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-23836

Aliases

GHSA-q33q-45cr-3cpc

Downstream

DEBIAN-CVE-2024-23836

UBUNTU-CVE-2024-23836

Published

2024-02-26T15:44:03Z

Modified

2025-11-04T20:16:49.856209Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

crafted traffic can cause denial of service

Details

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extreme slow downs and denial of service. This vulnerability is patched in 6.0.16 or 7.0.3. Workarounds include disabling the affected protocol app-layer parser in the yaml and reducing the stream.reassembly.depth value helps reduce the severity of the issue.

Database specific

{
    "cwe_ids": [
        "CWE-770"
    ]
}

References

Affected packages

Git / github.com/oisf/suricata

Affected ranges

Type

GIT

Repo

https://github.com/oisf/suricata

Events

Introduced

Fixed

b46ffaaf430faa0a5a46915e223a49f06847b523

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.0.16"
        }
    ]
}

Type

GIT

Repo

https://github.com/oisf/suricata

Events

Introduced

21ec99aa76cc5406007ce12a4891f2eaedb02291

Fixed

be68bbc4ab288ec84d2fe5e0737ace17ab74ef26

Database specific

{
    "versions": [
        {
            "introduced": "7.0.0"
        },
        {
            "fixed": "7.0.3"
        }
    ]
}

Affected versions

suricata-0.*

suricata-0.8.2

suricata-1.*

suricata-1.0.0

suricata-1.0.1

suricata-1.0.2

suricata-1.1

suricata-1.1beta1

suricata-1.1beta2

suricata-1.1beta3

suricata-1.1rc1

suricata-1.2

suricata-1.2.1

suricata-1.2beta1

suricata-1.2rc1

suricata-1.3

suricata-1.3.1

suricata-1.3beta1

suricata-1.3beta2

suricata-1.3rc1

suricata-1.4

suricata-1.4beta1

suricata-1.4beta2

suricata-1.4beta3

suricata-1.4rc1

suricata-2.*

suricata-2.0

suricata-2.0.1

suricata-2.0.1rc1

suricata-2.0.2

suricata-2.0beta1

suricata-2.0beta2

suricata-2.0rc1

suricata-2.0rc2

suricata-2.0rc3

suricata-2.1beta1

suricata-2.1beta2

suricata-2.1beta3

suricata-2.1beta4

suricata-3.*

suricata-3.0

suricata-3.0.1

suricata-3.0.1RC1

suricata-3.0RC1

suricata-3.0RC2

suricata-3.0RC3

suricata-3.1

suricata-3.1.1

suricata-3.1.2

suricata-3.1RC1

suricata-3.2

suricata-3.2.1

suricata-3.2RC1

suricata-3.2beta1

suricata-4.*

suricata-4.0.0

suricata-4.0.0-beta1

suricata-4.0.0-rc1

suricata-4.0.0-rc2

suricata-4.0.1

suricata-4.1.0

suricata-4.1.0-beta1

suricata-4.1.0-rc1

suricata-4.1.0-rc2

suricata-4.1.1

suricata-4.1.2

suricata-5.*

suricata-5.0.0

suricata-5.0.0-beta1

suricata-5.0.0-rc1

suricata-5.0.1

suricata-6.*

suricata-6.0.0

suricata-6.0.0-beta1

suricata-6.0.0-rc1

suricata-6.0.1

suricata-6.0.10

suricata-6.0.11

suricata-6.0.12

suricata-6.0.13

suricata-6.0.14

suricata-6.0.15

suricata-6.0.2

suricata-6.0.3

suricata-6.0.4

suricata-6.0.5

suricata-6.0.6

suricata-6.0.7

suricata-6.0.8

suricata-6.0.9

suricata-7.*

suricata-7.0.0

suricata-7.0.1

suricata-7.0.2