UBUNTU-CVE-2024-55627
- Source
- https://ubuntu.com/security/CVE-2024-55627
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-55627.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2024-55627
- Related
- Published
- 2025-01-06T18:15:00Z
- Modified
- 2025-01-13T10:26:50Z
- Summary
- [none]
- Details
-
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.
- References
-
- https://ubuntu.com/security/CVE-2024-55627
- https://www.cve.org/CVERecord?id=CVE-2024-55627
- https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v
- https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd
- https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be
- https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432
- https://redmine.openinfosecfoundation.org/issues/7393
Affected packages
Ubuntu:Pro:16.04:LTS / suricata
Package
- Name
- suricata
- Purl
- pkg:deb/ubuntu/suricata@3.0-1?arch=source&distro=esm-apps/xenial
Ubuntu:Pro:18.04:LTS / suricata
Package
- Name
- suricata
- Purl
- pkg:deb/ubuntu/suricata@3.2-2ubuntu3?arch=source&distro=esm-apps/bionic
Ubuntu:22.04:LTS / suricata
Package
- Name
- suricata
- Purl
- pkg:deb/ubuntu/suricata@1:6.0.4-3?arch=source&distro=jammy
Ubuntu:24.10 / suricata
Package
- Name
- suricata
- Purl
- pkg:deb/ubuntu/suricata@1:7.0.6-1?arch=source&distro=oracular