Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-47187

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to use excessive time to load, as well as runtime performance issues during traffic handling. This issue has been addressed in 7.0.7. As a workaround, avoid loading datasets from untrusted sources. Avoid dataset rules that track traffic in rules.

Published

2024-10-16T19:15:27.407

Last Modified

2024-10-22T13:48:59.893

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-330
Type: Primary
CWE-327

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	oisf	suricata	< 7.0.7	Yes

References

https://github.com/OISF/suricata/security/advisories/GHSA-64ww-4f6x-863p Third Party Advisory ([email protected])
https://redmine.openinfosecfoundation.org/issues/7209 Issue Tracking ([email protected])