high
7.5
CWE
400 770
Advisory Published
Updated

CVE-2024-32663: Suricata 's http2 parser contains an improper compressed header handling can lead to resource starvation

First published: Tue May 07 2024(Updated: )

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19. Workarounds include disabling the HTTP/2 parser and reducing `app-layer.protocols.http2.max-table-size` value (default is 65536).

Credit: security-advisories@github.com

Affected SoftwareAffected VersionHow to fix
OISF Suricata>=6.0.0<6.0.19
OISF Suricata>=7.0.0<7.0.5

Remedy

https://github.com/OISF/suricata/commit/08d93f7c3762781b743f88f9fdc4389eb9c3eb64

Remedy

https://github.com/OISF/suricata/commit/c0af92295e833d1db29b184d63cd3b829451d7fd

Remedy

https://github.com/OISF/suricata/commit/d24b37a103c04bb2667e449e080ba4c8e56bb019

Remedy

https://github.com/OISF/suricata/commit/e68ec4b227d19498f364a41eb25d3182f0383ca5

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-32663?

    CVE-2024-32663 has been classified as a moderate severity vulnerability due to its ability to cause excessive memory usage.

  • How do I fix CVE-2024-32663?

    To mitigate CVE-2024-32663, upgrade to Suricata version 7.0.5 or 6.0.19 or later.

  • What versions of Suricata are affected by CVE-2024-32663?

    CVE-2024-32663 affects Suricata versions prior to 7.0.5 and 6.0.19.

  • What type of vulnerability is CVE-2024-32663?

    CVE-2024-32663 is a memory exhaustion vulnerability that can be triggered by specific HTTP/2 traffic.

  • Is CVE-2024-32663 specific to certain operating systems?

    CVE-2024-32663 is not specific to any operating system but affects any system running the vulnerable versions of Suricata.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203