CVE-2024-32664

Name of the Vulnerable Software and Affected Versions Suricata versions prior to 7.0.5 Suricata versions prior to 6.0.19

Description The issue is related to a limited buffer overflow in Suricata, a network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring engine. Specially crafted traffic or datasets can cause this overflow. Exploitation of the issue may allow a remote attacker to cause a denial of service. Workarounds include not using rules with the base64 decode keyword and the bytes option with values 1, 2, or 5, and for 7.0.x, setting app-layer.protocols.smtp.mime.body-md5 to false.

Recommendations For versions prior to 7.0.5, update to version 7.0.5 or later. For versions prior to 6.0.19, update to version 6.0.19 or later. As a temporary workaround, consider not using rules with the base64 decode keyword and the bytes option with values 1, 2, or 5. For 7.0.x, set app-layer.protocols.smtp.mime.body-md5 to false as a temporary mitigation measure.