UBUNTU-CVE-2024-23839

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2024-23839

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-23839.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-23839

Related

CVE-2024-23839

Published

2024-02-26T16:27:00Z

Modified

2025-06-02T17:24:43Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVSS Calculator
8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.requestheader or http.responseheader keyword. The vulnerability has been patched in 7.0.3. To work around the vulnerability, avoid the http.requestheader and http.responseheader keywords.

References

Affected packages

Ubuntu:Pro:16.04:LTS / suricata

Package

Name: suricata
Purl: pkg:deb/ubuntu/suricata@3.0-1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.0.8-1build1

2.0.9-1

2.0.10-1

2.0.10-2

2.0.11-1

3.*

3.0-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / suricata

Package

Name: suricata
Purl: pkg:deb/ubuntu/suricata@3.2-2ubuntu3?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.2-2ubuntu3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / suricata

Package

Name: suricata
Purl: pkg:deb/ubuntu/suricata@1:6.0.4-3?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:6.*

1:6.0.4-2

1:6.0.4-3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / suricata

Package

Name: suricata
Purl: pkg:deb/ubuntu/suricata@1:7.0.6-1?arch=source&distro=oracular

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:7.*

1:7.0.3-1build3

1:7.0.5-1

1:7.0.6-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / suricata

Package

Name: suricata
Purl: pkg:deb/ubuntu/suricata@1:7.0.3-1build3?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:7.*

1:7.0.0-2

1:7.0.2-1

1:7.0.2-1build1

1:7.0.3-1build1

1:7.0.3-1build3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:25.04 / suricata

Package

Name: suricata
Purl: pkg:deb/ubuntu/suricata@1:7.0.8-2?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:7.*

1:7.0.6-1

1:7.0.7-1

1:7.0.8-1

1:7.0.8-1build1

1:7.0.8-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}