CVE-2024-55628 Information
Description
Suricata is a network Intrusion Detection System Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8 DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode and lead to very large DNS log records. While there are limits in place they were too generous. The issue has been addressed in Suricata 7.0.8.
Reference
https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951 https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j https://redmine.openinfosecfoundation.org/issues/7280
Share on: