CVE-2024-32664

Name
CVE-2024-32664
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not use rules with `base64_decode` keyword with `bytes` option with value 1, 2 or 5 and for 7.0.x, setting `app-layer.protocols.smtp.mime.body-md5` to false.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
security-advisories@github.com https://github.com/OISF/suricata/commit/311002baf288a225f62cf18a90c5fdd294447379
security-advisories@github.com https://github.com/OISF/suricata/commit/d5ffecf11ad2c6fe89265e518f5d7443caf26ba4
security-advisories@github.com https://github.com/OISF/suricata/security/advisories/GHSA-79vh-hpwq-3jh7

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:* suricata >= 6.0.0 < 6.0.19
cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:* suricata >= 7.0.0 < 7.0.5

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
suricata edge-community 7.0.6-r0 Steve McMaster <code@mcmaster.io> fixed
suricata edge-community 6.0.4-r0 Steve McMaster <code@mcmaster.io> possibly vulnerable
suricata edge-community 6.0.3-r0 Steve McMaster <code@mcmaster.io> possibly vulnerable
suricata 3.22-community 7.0.6-r0 None fixed
suricata 3.22-community 6.0.4-r0 None possibly vulnerable
suricata 3.22-community 6.0.3-r0 None possibly vulnerable
suricata 3.21-community 7.0.6-r0 None fixed
suricata 3.20-community 7.0.6-r0 Steve McMaster <code@mcmaster.io> fixed
suricata 3.20-community 6.0.7-r0 None fixed