CVE-2024-37151

Name
CVE-2024-37151
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM https://github.com/OISF/suricata/security/advisories/GHSA-qrp7-g66m-px24
MISC https://github.com/OISF/suricata/commit/9d5c4273cb7e5ca65f195f7361f0d848c85180e0
MISC https://github.com/OISF/suricata/commit/aab7f35c76721df19403a7c0c0025feae12f3b6b
MISC https://redmine.openinfosecfoundation.org/issues/7041
MISC https://redmine.openinfosecfoundation.org/issues/7042

Match rules

CPE URI Source package Min version Max version
suricata >= 6.0.0 < 6.0.20
suricata >= 0 >= 7.0.0,< 7.0.6

Vulnerable and fixed packages

Source package Branch Version Maintainer Status