CVE-2024-32867 - Vulnerability Details - OpenCVE

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Oisf	Suricata

Configuration 1 [-]

OR	cpe:2.3:a:oisf:suricata::::::::
	cpe:2.3:a:oisf:suricata::::::::

No data.

References

Link	Providers
https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9
https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66
https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634
https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b
https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9
https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8
https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5
https://redmine.openinfosecfoundation.org/issues/6672
https://redmine.openinfosecfoundation.org/issues/6673
https://redmine.openinfosecfoundation.org/issues/6677

History

Thu, 19 Dec 2024 20:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:oisf:suricata::::::::

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-05-07T15:06:58.326Z

Updated: 2024-08-02T02:20:35.604Z

Reserved: 2024-04-19T14:07:11.228Z

Link: CVE-2024-32867

Vulnrichment

Updated: 2024-05-07T18:44:31.964Z

NVD

Status : Analyzed

Published: 2024-05-07T15:15:09.143

Modified: 2024-12-19T19:48:46.393

Link: CVE-2024-32867

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-32867", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-04-19T14:07:11.228Z", "datePublished": "2024-05-07T15:06:58.326Z", "dateUpdated": "2024-08-02T02:20:35.604Z"}, "containers": {"cna": {"title": "Suricata's defrag contains various issues leading to policy bypass", "problemTypes": [{"descriptions": [{"cweId": "CWE-754", "lang": "en", "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5"}, {"name": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9"}, {"name": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66"}, {"name": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634"}, {"name": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b"}, {"name": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9"}, {"name": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6672", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/6672"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6673", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/6673"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6677", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/6677"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": ">= 6.0.0, <= 6.0.18", "status": "affected"}, {"version": ">= 7.0.0, <= 7.0.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-05-07T15:06:58.326Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19."}], "source": {"advisory": "GHSA-xvrx-88mv-xcq5", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-32867", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-07T18:45:46.899664Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:oisf:suricata:-:*:*:*:*:*:*:*"], "vendor": "oisf", "product": "suricata", "versions": [{"status": "affected", "version": ">= 6.0.0, <= 6.0.18, >= 7.0.0, <= 7.0.4"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:49:44.752Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:20:35.604Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5"}, {"name": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9"}, {"name": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66"}, {"name": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634"}, {"name": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b"}, {"name": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9"}, {"name": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6672", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/6672"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6673", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/6673"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6677", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/6677"}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-32867", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-04-19T14:07:11.228Z", "datePublished": "2024-05-07T15:06:58.326Z", "dateUpdated": "2024-06-04T17:49:44.752Z"}, "containers": {"cna": {"title": "Suricata's defrag contains various issues leading to policy bypass", "problemTypes": [{"descriptions": [{"cweId": "CWE-754", "lang": "en", "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5"}, {"name": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9"}, {"name": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66"}, {"name": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634"}, {"name": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b"}, {"name": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9"}, {"name": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8", "tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6672", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/6672"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6673", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/6673"}, {"name": "https://redmine.openinfosecfoundation.org/issues/6677", "tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/6677"}], "affected": [{"vendor": "OISF", "product": "suricata", "versions": [{"version": ">= 6.0.0, <= 6.0.18", "status": "affected"}, {"version": ">= 7.0.0, <= 7.0.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-05-07T15:06:58.326Z"}, "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19."}], "source": {"advisory": "GHSA-xvrx-88mv-xcq5", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-32867", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-07T18:45:46.899664Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:oisf:suricata:-:*:*:*:*:*:*:*"], "vendor": "oisf", "product": "suricata", "versions": [{"status": "affected", "version": ">= 6.0.0, <= 6.0.18, >= 7.0.0, <= 7.0.4"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-07T18:44:31.964Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D75940C-F39A-466B-9E79-D2E19DA182C5", "versionEndExcluding": "6.0.19", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "A158A8DB-3609-488B-B986-52575C649704", "versionEndExcluding": "7.0.5", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19."}, {"lang": "es", "value": "Suricata es un sistema de detecci\u00f3n de intrusiones en la red, un sistema de prevenci\u00f3n de intrusiones y un motor de monitoreo de seguridad de la red. Antes de 7.0.5 y 6.0.19, varios problemas en el manejo de anomal\u00edas de fragmentaci\u00f3n pueden provocar una detecci\u00f3n err\u00f3nea de reglas y pol\u00edticas. Esta vulnerabilidad se solucion\u00f3 en 7.0.5 o 6.0.19."}], "id": "CVE-2024-32867", "lastModified": "2024-12-19T19:48:46.393", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-07T15:15:09.143", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/6672"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/6673"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/6677"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/1e110d0a71db46571040b937e17a4bc9f91d6de9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/2f39ba75f153ba9bdf8eedc2a839cc973dbaea66"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/414f97c6695c5a2e1d378a36a6f50d7288767634"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/bf3d420fb709ebe074019a99e3bd3a2364524a4b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/d13bd2ae217a6d2ceb347f74d27cbfcd37b9bda9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/OISF/suricata/commit/e6267758ed5da27f804f0c1c07f9423bdf4d72b8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/OISF/suricata/security/advisories/GHSA-xvrx-88mv-xcq5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/6672"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/6673"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://redmine.openinfosecfoundation.org/issues/6677"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}