6 matches found
Fedora 41 : suricata (2025-a029ba03cc)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a029ba03cc advisory. CVE-2025-53537: HIGH CVE-2025-53538: HIGH Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...
Fedora 42 : suricata (2025-f555a9146a)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f555a9146a advisory. CVE-2025-53537: HIGH CVE-2025-53538: HIGH Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...
CVE-2025-53538
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...
CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...
CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...
CVE-2025-53538
CVE-2025-53538 affects Suricata (IDS/IPS/NSM engine by OISF) in versions 7.0.10 and earlier and 8.0.0-beta1 through 8.0.0-rc1. The root cause is mishandling of data on HTTP/2 stream 0, causing uncontrolled memory usage and loss of visibility. The issue scores as CVSS v3.1/7.5 (HIGH) with NETWORK ...