VDB
DEBIAN-CVE-2024-55628
DEBIAN-CVE-2024-55628
PUBLISHED
CVSS 7.5 HIGH
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | suricata | 1:7.0.8-2, 6.0.8-1, 6.0.9-1 |
| Debian:14 | suricata | 0, 0 |
| Debian:12 | suricata | *, 0, 1:6.0.10-1 |
| Debian:13 | suricata | 0, 0 |
Timeline
- Jan 6, 2025 CVE Published
- May 16, 2026 CVE Updated