CVE-2024-23835

NameCVE-2024-23835
DescriptionSuricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the pgsql app layer parser.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
suricata (PTS)jessie, jessie (lts)2.0.7-2+deb8u5vulnerable
stretch3.2.1-1+deb9u1vulnerable
buster, buster (lts)1:4.1.2-2+deb10u2fixed
bullseye1:6.0.1-3fixed
bookworm1:6.0.10-1fixed
sid, trixie1:7.0.8-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
suricatasourcejessie(unfixed)end-of-life
suricatasourcestretch(unfixed)end-of-life
suricatasourcebuster(not affected)
suricatasourcebullseye(not affected)
suricatasourcebookworm(not affected)
suricatasource(unstable)1:7.0.3-1

Notes

[bookworm] - suricata <not-affected> (Vulnerable code not present)
[bullseye] - suricata <not-affected> (Vulnerable code not present)
[buster] - suricata <not-affected> (Vulnerable code not present)
https://github.com/OISF/suricata/security/advisories/GHSA-8583-353f-mvwc
https://redmine.openinfosecfoundation.org/issues/6411
https://github.com/OISF/suricata/commit/86de7cffa7e8f06fe9d600127e7dabe89c7e81dd (master)
https://github.com/OISF/suricata/commit/f52c033e566beafb4480c139eb18662a2870464f (master)
https://github.com/OISF/suricata/commit/b0d762d2675a2441b74e039d54bfa5b050641f8e (suricata-7.0.3)
https://github.com/OISF/suricata/commit/61a32360eba3c032de51029a05515ab46690286f (suricata-7.0.3)

Search for package or bug name: Reporting problems