Unrated severity · NVD Advisory · Published May 7, 2024 · Updated Aug 2, 2024
Suricata's base64 contains an out of bounds write
CVE-2024-32664
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not using rules that use the base64_decode keyword with the bytes option set to 1, 2 or 5 and, for 7.0.x, setting app-layer.protocols.smtp.mime.body-md5 to false.
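A check for the first workaround, as an added example that is not part of the advisory or of Suricata: it lists enabled rules whose base64_decode keyword sets bytes to 1, 2 or 5. The sample rules are constructed, and the scan assumes one rule per line (no backslash continuations).

```python
import re

# Values of the base64_decode "bytes" option that the workaround says to avoid.
RISKY_BYTES = {1, 2, 5}

# A base64_decode option with arguments, up to its terminating ';'.
B64_OPT = re.compile(r"\bbase64_decode\s*:\s*([^;]*);")
BYTES_ARG = re.compile(r"\bbytes\s+(\d+)")
SID = re.compile(r"\bsid\s*:\s*(\d+)\s*;")

# Constructed sample rules for illustration, not taken from any real ruleset.
SAMPLE_RULES = '''\
# local test rules
alert http any any -> any any (msg:"b64 two"; content:"data="; base64_decode:bytes 2, relative; base64_data; content:"x"; sid:1000001; rev:1;)
alert http any any -> any any (msg:"b64 sixteen"; content:"data="; base64_decode:bytes 16, offset 4, relative; base64_data; content:"x"; sid:1000002; rev:1;)
#alert http any any -> any any (msg:"disabled"; base64_decode:bytes 5; base64_data; content:"x"; sid:1000003; rev:1;)
alert smtp any any -> any any (msg:"b64 five"; base64_decode: bytes 5, offset 1; base64_data; content:"y"; sid:1000004; rev:1;)
alert http any any -> any any (msg:"no bytes"; base64_decode; base64_data; content:"z"; sid:1000005; rev:1;)
'''


def find_risky_rules(rules_text):
    """Return (line_number, sid, bytes_value) for each enabled rule that
    uses base64_decode with bytes set to 1, 2 or 5."""
    findings = []
    for lineno, line in enumerate(rules_text.splitlines(), start=1):
        rule = line.strip()
        if not rule or rule.startswith("#"):  # blank line or disabled rule
            continue
        sid_match = SID.search(rule)
        sid = int(sid_match.group(1)) if sid_match else None
        # A rule may carry more than one base64_decode; check each of them.
        for opt in B64_OPT.finditer(rule):
            bytes_match = BYTES_ARG.search(opt.group(1))
            if bytes_match and int(bytes_match.group(1)) in RISKY_BYTES:
                findings.append((lineno, sid, int(bytes_match.group(1))))
    return findings


if __name__ == "__main__":
    for lineno, sid, nbytes in find_risky_rules(SAMPLE_RULES):
        print(f"line {lineno}: sid {sid} uses base64_decode with bytes {nbytes}")
```

To audit a real ruleset, pass the contents of each loaded rule file to `find_risky_rules` and disable or rewrite the reported rules until the sensor runs 7.0.5 or 6.0.19.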
Affected products (1)
Patches (0)
No patches discovered yet.
References (3)
- github.com/OISF/suricata/commit/311002baf288a225f62cf18a90c5fdd294447379 (mitre, x_refsource_MISC)
- github.com/OISF/suricata/commit/d5ffecf11ad2c6fe89265e518f5d7443caf26ba4 (mitre, x_refsource_MISC)
- github.com/OISF/suricata/security/advisories/GHSA-79vh-hpwq-3jh7 (mitre, x_refsource_CONFIRM)