CVE-2024-23835 HIGH

CVE-2024-23835: Suricata's pgsql: memory exhaustion use on record parsing

Vendor Oisf
Product suricata
Weakness CWE-400
Published February 26, 2024
Last update February 13, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the pgsql app layer parser.

Key dates

02Disclosure timeline

February 26, 2024 CVE published
February 13, 2025 Record updated