We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log records. While there are limits in place, they were too generous. The issue has been addressed in Suricata 7.0.8.
Reserved 2024-12-09 | Published 2025-01-06 | Updated 2025-01-06 | Assigner GitHub_MCWE-405: Asymmetric Resource Consumption (Amplification)
CWE-779: Logging of Excessive Data
github.com/...ricata/security/advisories/GHSA-96w4-jqwf-qx2j
github.com/...ommit/19cf0f81335d9f787d587450f7105ad95a648951
github.com/...ommit/37f4c52b22fcdde4adf9b479cb5700f89d00768d
github.com/...ommit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d
redmine.openinfosecfoundation.org/issues/7280
Support options