CVE-2024-45796: 
Suricata vulnerability analysis and mitigation

Suricata, a network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring engine, was found to contain a vulnerability (CVE-2024-45796) prior to version 7.0.7. The vulnerability was discovered and disclosed on October 16, 2024, affecting all versions of Suricata before 7.0.7 (NVD).

The vulnerability stems from a logic error during fragment reassembly that can lead to failed reassembly for valid traffic. The issue has been assigned a CVSS v3.1 base score of 5.3 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N. The vulnerability has been classified as CWE-193 (Off-by-one Error) (GitHub Advisory).

The vulnerability has been rated as HIGH severity due to its potential to lead to loss of visibility and policy bypass. An attacker could craft specific packets to trigger this behavior, potentially affecting the system's ability to properly monitor and analyze network traffic (Redmine Issue).

The vulnerability has been patched in Suricata version 7.0.7. Users are advised to upgrade to this version to address the issue. It's worth noting that versions 6.x of Suricata are considered obsolete since July 2024 and will not receive any further updates (CERT-FR).