Описание
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:7.0.8-1 |
| esm-apps/bionic | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needs-triage | |
| noble | needs-triage | |
| oracular | ignored | end of life, was needs-triage |
Показывать по
Ссылки на источники
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.
Suricata is a network Intrusion Detection System, Intrusion Prevention ...
Уязвимость функции StreamingBufferSlideToOffsetWithRegions() системы обнаружения и предотвращения вторжений Suricata, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS
5.9 Medium
CVSS3