CVE-2024-47187 Information

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the hash random seed leads to datasets having predictable hash table behavior. This can cause dataset file loading to take excessive time, as well as runtime performance issues during traffic handling. This issue has been addressed in 7.0.7. As a workaround, avoid loading datasets from untrusted sources and avoid dataset rules that track traffic in rules.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://github.com/OISF/suricata/security/advisories/GHSA-64ww-4f6x-863p

https://redmine.openinfosecfoundation.org/issues/7209

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

7.5

Base Severity

HIGH
