CVE-2024-28870

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-28870

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-28870.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-28870

Aliases

GHSA-mhhx-xw7r-r5c8

Downstream

DEBIAN-CVE-2024-28870

UBUNTU-CVE-2024-28870

Published

2024-04-03T21:13:48.470Z

Modified

2026-03-14T12:28:07.251731Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

Suricata uses excessive resource use in malformed ssh traffic parsing

Details

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in alert records. This issue has been patched in versions 6.0.17 and 7.0.4.

Database specific

{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/28xxx/CVE-2024-28870.json",
    "cwe_ids": [
        "CWE-770"
    ]
}

References

Affected packages

Git / github.com/oisf/suricata

Affected ranges

Type

GIT

Repo

https://github.com/oisf/suricata

Events

Introduced

Last affected

b46ffaaf430faa0a5a46915e223a49f06847b523

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.0.16"
        }
    ]
}

Type

GIT

Repo

https://github.com/oisf/suricata

Events

Introduced

21ec99aa76cc5406007ce12a4891f2eaedb02291

Last affected

be68bbc4ab288ec84d2fe5e0737ace17ab74ef26

Database specific

{
    "versions": [
        {
            "introduced": "7.0.0"
        },
        {
            "last_affected": "7.0.3"
        }
    ]
}

Affected versions

suricata-0.*

suricata-0.8.2

suricata-1.*

suricata-1.0.0

suricata-1.0.1

suricata-1.0.2

suricata-1.1

suricata-1.1beta1

suricata-1.1beta2

suricata-1.1beta3

suricata-1.1rc1

suricata-1.2

suricata-1.2.1

suricata-1.2beta1

suricata-1.2rc1

suricata-1.3

suricata-1.3.1

suricata-1.3beta1

suricata-1.3beta2

suricata-1.3rc1

suricata-1.4

suricata-1.4beta1

suricata-1.4beta2

suricata-1.4beta3

suricata-1.4rc1

suricata-2.*

suricata-2.0

suricata-2.0.1

suricata-2.0.1rc1

suricata-2.0.2

suricata-2.0beta1

suricata-2.0beta2

suricata-2.0rc1

suricata-2.0rc2

suricata-2.0rc3

suricata-2.1beta1

suricata-2.1beta2

suricata-2.1beta3

suricata-2.1beta4

suricata-3.*

suricata-3.0

suricata-3.0.1

suricata-3.0.1RC1

suricata-3.0RC1

suricata-3.0RC2

suricata-3.0RC3

suricata-3.1

suricata-3.1.1

suricata-3.1.2

suricata-3.1RC1

suricata-3.2

suricata-3.2.1

suricata-3.2RC1

suricata-3.2beta1

suricata-4.*

suricata-4.0.0

suricata-4.0.0-beta1

suricata-4.0.0-rc1

suricata-4.0.0-rc2

suricata-4.0.1

suricata-4.1.0

suricata-4.1.0-beta1

suricata-4.1.0-rc1

suricata-4.1.0-rc2

suricata-4.1.1

suricata-4.1.2

suricata-5.*

suricata-5.0.0

suricata-5.0.0-beta1

suricata-5.0.0-rc1

suricata-5.0.1

suricata-6.*

suricata-6.0.0

suricata-6.0.0-beta1

suricata-6.0.0-rc1

suricata-6.0.1

suricata-6.0.10

suricata-6.0.11

suricata-6.0.12

suricata-6.0.13

suricata-6.0.14

suricata-6.0.15

suricata-6.0.16

suricata-6.0.2

suricata-6.0.3

suricata-6.0.4

suricata-6.0.5

suricata-6.0.6

suricata-6.0.7

suricata-6.0.8

suricata-6.0.9

suricata-7.*

suricata-7.0.0

suricata-7.0.1

suricata-7.0.2

suricata-7.0.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-28870.json"