Description
There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:
- Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security
Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to failed
reassembly for valid traffic. An attacker could craft packets to trigger this behavior. This issue has been
addressed in 7.0.7. (CVE-2024-45796)
- Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security
Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented
"unset" option can trigger an assertion during traffic parsing, leading to denial of service. This issue
is addressed in 7.0.7. As a workaround, use only trusted and well tested rulesets. (CVE-2024-45795)
- LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version
0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and
memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5.49.
(CVE-2024-45797)
- Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security
Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to
datasets having predictable hash table behavior. This can cause dataset file loading to take excessive
time, as well as runtime performance issues during traffic handling. This issue has been addressed
in 7.0.7. As a workaround, avoid loading datasets from untrusted sources. Avoid dataset rules that track
traffic in rules. (CVE-2024-47187)
Plugin Details
Supported Sensors: Agentless Assessment
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
Exploit Ease: Exploits are available
Vulnerability Publication Date: 10/16/2024