CVE-2024-28870 HIGH

CVE-2024-28870: Suricata excessive resource use in malformed SSH traffic parsing

Vendor OISF
Product suricata
Weakness CWE-770 · Uncontrolled resource consumption
Published April 3, 2024
Last update August 2, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01 Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. When parsing an overly long SSH banner, Suricata can use excessive CPU resources, as well as cause excessive logging volume in alert records. This issue has been patched in versions 6.0.17 and 7.0.4.

Key dates

02 Disclosure timeline

April 3, 2024 CVE published
August 2, 2024 Record updated