CVE-2024-47187: 
Suricata vulnerability analysis and mitigation

CVE-2024-47187 affects Suricata, a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The vulnerability was discovered and disclosed on October 16, 2024, affecting all versions prior to 7.0.7. The issue stems from missing initialization of the random seed for 'thash' functionality, which leads to datasets having predictable hash table behavior (NVD, GitHub Advisory).

The vulnerability is characterized by a missing initialization of the random seed for the 'thash' component, resulting in predictable hash table behavior. The issue has been assigned a CVSS v3.1 Base Score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. The vulnerability is classified under CWE-330 (Use of Insufficiently Random Values) (NVD, GitHub Advisory).

The vulnerability can lead to dataset file loading using excessive time to load, as well as runtime performance issues during traffic handling. This can result in severe performance degradation and potential denial of service conditions when processing network traffic (GitHub Advisory).

The vulnerability has been patched in Suricata version 7.0.7. For users unable to upgrade immediately, two workarounds are recommended: avoid loading datasets from untrusted sources and avoid dataset rules that track traffic in rules (GitHub Advisory).