CVE-2025-59149

Medium CVSS: 6.2

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.

Vendor

Oisf

Product

Suricata

CWE

CWE-121

Yayın Tarihi

2025-10-01 20:18:38

Güncelleme

2025-10-06 17:01:13

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-121 Suricata MEDIUM Oisf 2025

Referanslar

https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018 https://github.com/OISF/suricata/commit/38a2cba5c397002047d84645f5ab770ff88020e1 https://github.com/OISF/suricata/security/advisories/GHSA-vxcg-38x4-gj7j https://redmine.openinfosecfoundation.org/issues/7861

Benzer Kayıtlar

Low

CVE-2026-22261

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handlin…

Medium

CVE-2026-22262

Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior…

Medium

CVE-2026-22263

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in htt…

High

CVE-2026-22264

Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead…

High

CVE-2026-22260

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, Suricata can crash…

High

CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suri…