CVE-2023-35853

NameCVE-2023-35853
DescriptionIn Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
suricata (PTS)buster1:4.1.2-2+deb10u1vulnerable
bullseye1:6.0.1-3vulnerable
bookworm1:6.0.10-1vulnerable
trixie1:7.0.3-1fixed
sid1:7.0.4-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
suricatasource(unstable)1:6.0.13-1

Notes

[bookworm] - suricata <no-dsa> (Minor issue)
[bullseye] - suricata <no-dsa> (Minor issue)
[buster] - suricata <no-dsa> (Minor issue)
https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da

Search for package or bug name: Reporting problems