CVE-2024-47187 HIGH

CVE-2024-47187: Suricata datasets: missing hashtable random seed leads to potential DoS

Vendor Oisf
Product suricata
Weakness CWE-330 · Insufficient randomness
Published October 16, 2024
Last update October 16, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to datasets having predictable hash table behavior. This can lead to dataset file loading to use excessive time to load, as well as runtime performance issues during traffic handling. This issue has been addressed in 7.0.7. As a workaround, avoid loading datasets from untrusted sources. Avoid dataset rules that track traffic in rules.

Key dates

02Disclosure timeline

October 16, 2024 CVE published
October 16, 2024 Record updated