Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2024-0306)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2024.0306

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2024-0306)

Resumen: The remote host is missing an update for the 'suricata' package(s) announced via the MGASA-2024-0306 advisory.

Descripción: Summary:
The remote host is missing an update for the 'suricata' package(s) announced via the MGASA-2024-0306 advisory.

Vulnerability Insight:
CVE-2024-37151 Mishandling of multiple fragmented packets using the same
IP ID value can lead to packet reassembly failure, which can lead to
policy bypass.
CVE-2024-38534 Crafted modbus traffic can lead to unlimited resource
accumulation within a flow
CVE-2024-38535, CVE-2024-38536 Suricata can run out of memory when
parsing crafted HTTP/2 traffic.

Affected Software/OS:
'suricata' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-37151
Common Vulnerability Exposure (CVE) ID: CVE-2024-38534
Common Vulnerability Exposure (CVE) ID: CVE-2024-38535
Common Vulnerability Exposure (CVE) ID: CVE-2024-38536

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0306
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0306)
Resumen:	The remote host is missing an update for the 'suricata' package(s) announced via the MGASA-2024-0306 advisory.
Descripción:	Summary: The remote host is missing an update for the 'suricata' package(s) announced via the MGASA-2024-0306 advisory. Vulnerability Insight: CVE-2024-37151 Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. CVE-2024-38534 Crafted modbus traffic can lead to unlimited resource accumulation within a flow CVE-2024-38535, CVE-2024-38536 Suricata can run out of memory when parsing crafted HTTP/2 traffic. Affected Software/OS: 'suricata' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-37151 Common Vulnerability Exposure (CVE) ID: CVE-2024-38534 Common Vulnerability Exposure (CVE) ID: CVE-2024-38535 Common Vulnerability Exposure (CVE) ID: CVE-2024-38536
Copyright	Copyright (C) 2024 Greenbone AG