Vulnerability - CVE-2024-38536

Name

CVE-2024-38536

Source

NVD ( link)Debian ( link)

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to `http.memcap` being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6.

CWEs

CWE-476 CWE-476

Published Date

Jul 11, 2024

Updated Date

Jun 17, 2026

Workaround

Advisories

https://github.com/OISF/suricata/security/advisories/GHSA-j32j-4w6g-94hhVendor Advisory

https://redmine.openinfosecfoundation.org/issues/7029Exploit

https://redmine.openinfosecfoundation.org/issues/7033Issue Tracking

https://github.com/OISF/suricata/security/advisories/GHSA-j32j-4w6g-94hhVendor Advisory

https://redmine.openinfosecfoundation.org/issues/7029Exploit

https://redmine.openinfosecfoundation.org/issues/7033Issue Tracking

Analysis#

Affected Component

Analysis

suricata

Exploitable

Vulnerability Ratings#

7.5

CVSSv31

7.5

CVSSv31

NaN

other

Others affected component#

Name

Project

Project Version

Version

Status

suricata

buildroot

master

8.0.4

Not Affected