Asymmetric Resource Consumption (Amplification) Affecting suricata package, versions *
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-DEBIAN11-SURICATA-8602405
- published7 Jan 2025
- disclosed6 Jan 2025
Introduced: 6 Jan 2025
NewCVE-2024-55628 (opens in a new tab)How to fix?
There is no fixed version for Debian:11 suricata.
NVD Description
Note: Versions mentioned in the description apply only to the upstream suricata package and not the suricata package as distributed by Debian.
See How to fix? for Debian:11 relevant fixed versions and status.
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
References
- https://security-tracker.debian.org/tracker/CVE-2024-55628
- https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951
- https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d
- https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d
- https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j
- https://redmine.openinfosecfoundation.org/issues/7280