CVE-2024-55628

Publication date 6 January 2025

Last updated 8 January 2025

Ubuntu priority

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
suricata	24.10 oracular	Needs evaluation
	24.04 LTS noble	Needs evaluation
	22.04 LTS jammy	Needs evaluation
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Needs evaluation
	16.04 LTS xenial	Needs evaluation

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2024-55628
https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j
https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951
https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d
https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d
https://redmine.openinfosecfoundation.org/issues/7280