CVE-2024-23835

Summary

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the pgsql app layer parser.

Affected Software

VendorProductVersion RangeStatus
OISFsuricata>= 7.0.0, <= 7.0.2affected

Weaknesses

  • CWE-400: CWE-400: Uncontrolled Resource Consumption
  • CWE-770: CWE-770: Allocation of Resources Without Limits or Throttling

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References