CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-55628: Suricata oversized resource names utilizing DNS name compression can lead to resource starvation

7.5 CVSS

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.

Classification

CVE ID: CVE-2024-55628

CVSS Base Severity: HIGH

CVSS Base Score: 7.5

Affected Products

Vendor: OISF

Product: suricata

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j
https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951
https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d
https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d
https://redmine.openinfosecfoundation.org/issues/7280

Timeline

2025-01-07 00:30:41 UTC
CVE

Suricata oversized resource names utilizing DNS name compression can lead to resource starvation