CVE-2024-24568

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, the rules inspecting HTTP2 headers can get bypassed by crafted traffic. The vulnerability has been patched in 7.0.3.

Published: Feb 26, 2024
Updated: May 4, 2025
CVE: CVE-2024-24568
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oisf / suricata	7.0.0	7.0.3
fedoraproject / fedora	38	38.x
fedoraproject / fedora	39	39.x

https://github.com/OISF/suricata/commit/478a2a38f54e2ae235f8486bff87d7d66b6307f0
https://github.com/OISF/suricata/security/advisories/GHSA-gv29-5hqw-5h8c
https://lists.fedoraproject.org/archives/list/[email protected]/message/GOCOBFUTIFHOP2PZOH4ENRFXRBHIRKK4/
https://lists.fedoraproject.org/archives/list/[email protected]/message/ZXJIT7R53ZXROO3I256RFUWTIW4ECK6P/
https://redmine.openinfosecfoundation.org/issues/6717

Vulnerability Database

289,784

CVE-2024-24568