CVE-2025-29915

Name
CVE-2025-29915
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is based on the network interface MTU which leads to Suricata seeing truncated packets. Upgrade to Suricata 7.0.9, which uses better defaults and adds warnings for user configurations that may lead to issues.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM https://github.com/OISF/suricata/security/advisories/GHSA-7m5c-cqx4-x8mp
MISC https://github.com/OISF/suricata/commit/d78f2c9a4e2b59f44daeddff098915084493d08d
MISC https://redmine.openinfosecfoundation.org/issues/5373

Match rules

CPE URI Source package Min version Max version
suricata >= 0 < 7.0.9
cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:* suricata >= None < 7.0.9

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
suricata edge-community 7.0.8-r0 Steve McMaster <code@mcmaster.io> possibly vulnerable
suricata edge-community 7.0.7-r0 Steve McMaster <code@mcmaster.io> possibly vulnerable
suricata 3.22-community 7.0.8-r0 Steve McMaster <code@mcmaster.io> possibly vulnerable