5.3

CVE-2024-45796

EPSS 0.38%
Veröffentlicht 16.10.2024 19:15:26
Zuletzt bearbeitet 03.11.2025 20:16:31
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Suricata defrag: off by one can lead to policy bypass

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed reassembly for valid traffic. An attacker could craft packets to trigger this behavior.This issue has been addressed in 7.0.7.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oisf ≫ Suricata Version < 7.0.7

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.38%	0.595

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
security-advisories@github.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-193 Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

https://github.com/OISF/suricata/security/advisories/GHSA-mf6r-3xp2-v7xg

Third Party Advisory

https://redmine.openinfosecfoundation.org/issues/7067

Issue Tracking

https://lists.debian.org/debian-lts-announce/2025/03/msg00029.html

https://nvd.nist.gov/vuln/detail/CVE-2024-45796

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-45796

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-45796

EUVD