Описание
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| jammy | needs-triage | |
| noble | needs-triage | |
| plucky | ignored | end of life, was needs-triage |
| questing | needs-triage | |
| upstream | not-affected | debian: Vulnerable code never present in a Debian released version, 8.0.x only issue |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS3
Связанные уязвимости
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword.
Suricata is a network IDS, IPS and NSM engine developed by the OISF (O ...
Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с разыменованием указателей, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3