PT-2021-7953 · Suricata+2
Fratso · Published 2021-07-27 · Updated 2024-05-23
CVE-2021-37592
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Suricata versions 5.0.0 through 5.0.7
Suricata versions 6.0.0 through 6.0.3
Description
The issue is related to an in-memory buffer overflow caused by insufficient checking of FIN, SYN, and ACK parameter values when processing packets. A remote attacker can exploit it to bypass security restrictions and carry out a TCP Reset attack. The problem arises when a client with a crafted TCP/IP stack sends a specific sequence of segments, allowing for TCP evasion.
Recommendations
For Suricata versions 5.0.0 through 5.0.7, update to version 5.0.8 or later.
For Suricata versions 6.0.0 through 6.0.3, update to version 6.0.4 or later.
Fix
Stack Overflow
Memory Corruption
Related Identifiers
Affected Products
Alt Linux
Debian
Suricata