15 matches found
CVE-2026-22258
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...
UBUNTU-CVE-2026-22258
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...
CVE-2026-22258
CVE-2026-22258 affects Suricata (IDS/IPS/NSM). Before versions 8.0.3 and 7.0.14, crafted DCERPC traffic can trigger unbounded buffering, causing memory exhaustion and process termination. While initially observed over UDP, TCP and SMB are also considered vulnerable; however, DCERPC/TCP defaults l...
CVE-2026-22258 Suricata DCERPC: unbounded fragment buffering leads to memory exhaustion
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...
Linux Distros Unpatched Vulnerability : CVE-2025-64333
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 an...
DEBIAN-CVE-2025-64333
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged can cause a stack overflow crashing Suricata. This issue has been patched in versions...
CVE-2025-64344 Suricata is vulnerable to a stack overflow from unbounded stack allocation in LuaPushStringBuffer
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...
CVE-2025-64333
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged can cause a stack overflow crashing Suricata. This issue has been patched in versions...
UBUNTU-CVE-2024-38534
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly.depth to reduce the issue...
CVE-2024-38534
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a flow. Upgrade to 7.0.6. Set a limited stream.reassembly.depth to reduce the issue...
CVE-2024-38534
CVE-2024-38534 affects Suricata (network IDS/IPS/NSM). Crafted Modbus traffic can cause unlimited resource accumulation within a single flow, impacting availability. The documented remediation is to upgrade Suricata to version 7.0.6 or later and to set a limited stream.reassembly.depth to reduce ...
PT-2024-28060 · Suricata +1 · Suricata +1
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.6 Description: Suricata is a network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring engine. Crafted modbus traffic can lead to unlimited resource accumulation within a...
UBUNTU-CVE-2024-23836
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extrem...
CVE-2024-23836 crafted traffic can cause denial of service
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to versions 6.0.16 and 7.0.3, an attacker can craft traffic to cause Suricata to use far more CPU and memory for processing the traffic than needed, which can lead to extrem...
PT-2024-1592 · Suricata +1 · Suricata +1
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 6.0.16 and 7.0.3 Description: Suricata is a network Intrusion Detection System, Intrusion Prevention System, and Network Security Monitoring engine. An attacker can craft traffic to cause Suricata to use far more CP...