Vulners
Lucene search
Suricata 8.0.0 < 8.0.1 Multiple Vulnerabilities
| Reporter | Title | Published | Views | Family All 53 |
|---|---|---|---|---|
 | CVE-2025-59148 | 1 Oct 202519:51 | – | alpinelinux |
| CVE-2025-59149 | 1 Oct 202520:07 | – | alpinelinux |
| CVE-2025-59150 | 1 Oct 202520:23 | – | alpinelinux |
 | November Linux Patch Wednesday | 21 Nov 202516:21 | – | avleonov |
 | CVE-2025-59148 | 17 Oct 202517:52 | – | circl |
| CVE-2025-59149 | 17 Oct 202517:52 | – | circl |
| CVE-2025-59150 | 17 Oct 202517:52 | – | circl |
 | Suricata 代码问题漏洞 | 1 Oct 202500:00 | – | cnnvd |
| Suricata 安全漏洞 | 1 Oct 202500:00 | – | cnnvd |
| Suricata 代码问题漏洞 | 1 Oct 202500:00 | – | cnnvd |
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(269722);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/08");
script_cve_id(
"CVE-2025-59148",
"CVE-2025-59149",
"CVE-2025-59150"
);
script_xref(name:"IAVB", value:"2025-B-0168-S");
script_name(english:"Suricata 8.0.0 < 8.0.1 Multiple Vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"An IDS/IPS solution running on the remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of OISF Suricata installed on the remote host is 8.0.x prior to 8.0.1. It is, therefore,
affected by multiple vulnerabilities:
- Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security
Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword
when not anchored to a 'sticky' buffer, which can lead to a segmentation fault. This issue is fixed in
version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate
they are anchored to a sticky buffer. (CVE-2025-59148)
- Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security
Foundation) and the Suricata community. In version 8.0.0, rules using keyword
ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during
Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue,
users can disable rules with ldap.responses.attribute_type and transforms. (CVE-2025-59149)
- Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security
Foundation) and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead
to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in
version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword.
(CVE-2025-59150)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://github.com/OISF/suricata/security/advisories/GHSA-5qf6-92xg-3rr3
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4848673a");
# https://redmine.openinfosecfoundation.org/issues/7838
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?609cf000");
# https://github.com/OISF/suricata/commit/9f32550e18f97ea5d610dd7c36aab0ba142c096c
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?97866848");
script_set_attribute(attribute:"see_also", value:"https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018");
script_set_attribute(attribute:"solution", value:
"Upgrade Suricata to 8.0.1 or higher.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-59148");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/10/01");
script_set_attribute(attribute:"patch_publication_date", value:"2025/09/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/10/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oisf:suricata");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("oisf_suricata_win_installed.nbin", "oisf_suricata_nix_installed.nbin");
script_require_keys("installed_sw/Open Information Security Foundation Suricata");
exit(0);
}
include('vcf.inc');
var app_info = vcf::get_app_info(app: 'Open Information Security Foundation Suricata');
vcf::check_all_backporting(app_info:app_info);
var constraints = [
{'min_version': '8.0', 'fixed_version': '8.0.1'}
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
08 Apr 2026 00:00Current
6.1Medium risk
Vulners AI Score6.1
CVSS 3.17.5
EPSS0.00481
SSVC