Описание
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. One may disable ja4 as a workaround.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| suricata | fixed | 1:7.0.7-1 | package | |
| suricata | no-dsa | bookworm | package | |
| suricata | postponed | bullseye | package |
Примечания
https://github.com/OISF/suricata/security/advisories/GHSA-w5xv-6586-jpm7
https://redmine.openinfosecfoundation.org/issues/7267
EPSS
Связанные уязвимости
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. One may disable ja4 as a workaround.
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. One may disable ja4 as a workaround.
Уязвимость системы обнаружения и предотвращения вторжений Suricata связанная с ошибками при проверке JA4-идентификатора, предоставляющего информацию о прикладном протоколе, который будет использован между клиентом и сервером, позволяющая нарушителю вызвать отказ в обслуживании
EPSS