SELKS-Suri Tips and Tricks - E12: Closing a Suricata Supply Chain Attack Vulnerability

2 views

Skip to first unread message

Mark Durrett

unread,

Jan 11, 2024, 4:29:12 PMJan 11

to se...@googlegroups.com

Hi folks,

Here is your weekly Suricata and SELKS tips and tricks email. Each week we'll feature a blog article or PDF document with something we hope you'll find useful.

In June of 2023 the OISF announced a new release of Suricata (6.0.13) which fixes a potential security issue that could lead to supply chain attacks against Suricata.

Specifically, this pertains to signatures which use datasets or Lua. Two CVEs were issued for these vulnerabilities. See links below:

CVE-2023-35852 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35852
CVE-2023-35853 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35853

Suricata 6.0.13 patches these vulnerabilities. If you have not yet updated your version of Suricata, we recommend you do so immediately.

Stamus Networks co-founder and CTO, Éric Leblond wrote a detailed blog on this topic. We encourage you to check it out.

https://www.stamus-networks.com/blog/closing-a-suricata-supply-chain-attack-vulnerability

Let us know what you think.

Cheers!

Mark

D. Mark Durrett

Chief Marketing Officer

Stamus Networks

	mdur...@stamus-networks.com
	+1 (919) 345-9515
	stamus-networks.com

The content of this email is confidential and intended for the recipient specified in message only. It is strictly forbidden to share any part of this message with any third party, without a written consent of the sender. If you received this message by mistake, please reply to this message and follow with its deletion, so that we can ensure such a mistake does not occur in the future.

Reply all

Reply to author

Forward

0 new messages