CVE-2024-23835

Suricata's pgsql: memory exhaustion use on record parsing

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the pgsql app layer parser.

References

Link	Tags
https://github.com/OISF/suricata/security/advisories/GHSA-8583-353f-mvwc	vendor advisory issue tracking
https://github.com/OISF/suricata/commit/86de7cffa7e8f06fe9d600127e7dabe89c7e81dd	patch
https://github.com/OISF/suricata/commit/f52c033e566beafb4480c139eb18662a2870464f	patch
https://redmine.openinfosecfoundation.org/issues/6411	vendor advisory issue tracking
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/	mailing list
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/	mailing list

Frequently Asked Questions

What is the severity of CVE-2024-23835?: CVE-2024-23835 has been scored as a high severity vulnerability.
How to fix CVE-2024-23835?: To fix CVE-2024-23835, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-23835 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-23835 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-23835?: CVE-2024-23835 affects OISF suricata.

Description

Categories

CWE-400 – Uncontrolled Resource Consumption

CWE-770 – Allocation of Resources Without Limits or Throttling

References

Frequently Asked Questions