CVE-2024-23835 Suricata's pgsql: memory exhaustion use on record parsing

2024-02-2615:35:07

CWE-770

CWE-400

GitHub_M

github.com

suricata

pgsql

memory exhaustion

vulnerability

patched

version 7.0.3

oom-related

crashes

workaround

disable

app layer parser

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the pgsql app layer parser.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*"
    ],
    "vendor": "oisf",
    "product": "suricata",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.0",
        "versionType": "custom",
        "lessThanOrEqual": "7.0.2"
      }
    ],
    "defaultStatus": "unknown"
  }
]