Unrated severityNVD Advisory· Published Jan 6, 2025· Updated Jan 6, 2025
Suricata oversized resource names utilizing DNS name compression can lead to resource starvation
CVE-2024-55628
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
5- github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951mitrex_refsource_MISC
- github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768dmitrex_refsource_MISC
- github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2dmitrex_refsource_MISC
- github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2jmitrex_refsource_CONFIRM
- redmine.openinfosecfoundation.org/issues/7280mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.