Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2024-37151

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable defrag to reduce the scope of the problem.

  • Published: Jul 11, 2024
  • Updated: Jul 13, 2024
  • CVE: CVE-2024-37151
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWEs:

Software From Fixed in
oisf / suricata 7.0.0 7.0.6
oisf / suricata 6.0.0 6.0.20