CVE-2024-32664
- Source
- https://cve.org/CVERecord?id=CVE-2024-32664
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-32664.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-32664
- Aliases
-
- GHSA-79vh-hpwq-3jh7
- Downstream
- Published
- 2024-05-07T14:57:01.967Z
- Modified
- 2025-11-30T18:53:57.082630Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- Suricata's base64 contains an out of bounds write
- Details
-
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not use rules with
base64_decodekeyword withbytesoption with value 1, 2 or 5 and for 7.0.x, settingapp-layer.protocols.smtp.mime.body-md5to false. - Database specific
{ "cna_assigner": "GitHub_M", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/32xxx/CVE-2024-32664.json", "cwe_ids": [ "CWE-120", "CWE-122" ] }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/32xxx/CVE-2024-32664.json
- https://github.com/OISF/suricata/commit/311002baf288a225f62cf18a90c5fdd294447379
- https://github.com/OISF/suricata/commit/d5ffecf11ad2c6fe89265e518f5d7443caf26ba4
- https://github.com/OISF/suricata/security/advisories/GHSA-79vh-hpwq-3jh7
- https://nvd.nist.gov/vuln/detail/CVE-2024-32664
Affected packages
Git / github.com/oisf/suricata
Affected ranges
Affected versions
suricata-6.*
suricata-6.0.0
suricata-6.0.1
suricata-6.0.10
suricata-6.0.11
suricata-6.0.12
suricata-6.0.13
suricata-6.0.14
suricata-6.0.15
suricata-6.0.16
suricata-6.0.17
suricata-6.0.18
suricata-6.0.2
suricata-6.0.3
suricata-6.0.4
suricata-6.0.5
suricata-6.0.6
suricata-6.0.7
suricata-6.0.8
suricata-6.0.9
suricata-7.*
suricata-7.0.0
suricata-7.0.1
suricata-7.0.2
suricata-7.0.3
suricata-7.0.4