Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-07-11T14:39:32.766Z
Updated: 2024-08-02T03:50:54.763Z
Reserved: 2024-06-03T17:29:38.328Z
Link: CVE-2024-37151
Vulnrichment
Updated: 2024-08-02T03:50:54.763Z
NVD
Status : Modified
Published: 2024-07-11T15:15:11.847
Modified: 2024-11-21T09:23:18.420
Link: CVE-2024-37151
Redhat
No data.