PT-2024-31776 · Suricata+2 · Suricata+2

Philippe Antoine

Published

2024-10-16

Updated

2025-11-07

CVE-2024-45795

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.7

Description: The issue affects Suricata, a network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring engine. It occurs when rules using datasets with the non-functional "unset" option are used, potentially triggering an assertion during traffic parsing and leading to denial of service.

Recommendations: For versions prior to 7.0.7, update to version 7.0.7 to resolve the issue. As a temporary workaround, use only trusted and well-tested rulesets.

Exploit

Fix

DoS

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

ALT-PU-2025-14099

CVE-2024-45795

GHSA-6R8W-FPW6-CP9G

OPENSUSE-SU-2025:15394-1

Affected Products

Alt Linux

Debian

Suricata

PT-2024-31776 · Suricata+2 · Suricata+2

CVE-2024-45795

Weakness Enumeration

Related Identifiers

Affected Products

References · 44