GitHub_MCVELIST:CVE-2024-23835CVE-2024-23835 Suricata's pgsql: memory exhaustion use on record parsing
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
10.3%
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the pgsql app layer parser.
CNA Affected
[
{
"vendor": "OISF",
"product": "suricata",
"versions": [
{
"version": ">= 7.0.0, <= 7.0.2",
"status": "affected"
}
]
}
]References
github.com/OISF/suricata/commit/86de7cffa7e8f06fe9d600127e7dabe89c7e81dd
github.com/OISF/suricata/commit/f52c033e566beafb4480c139eb18662a2870464f
github.com/OISF/suricata/security/advisories/GHSA-8583-353f-mvwc
lists.fedoraproject.org/archives/list/[email protected]/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/
lists.fedoraproject.org/archives/list/[email protected]/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/
redmine.openinfosecfoundation.org/issues/6411
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
10.3%