CVE-2025-59148

Name
CVE-2025-59148
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018
MISC https://github.com/OISF/suricata/commit/9f32550e18f97ea5d610dd7c36aab0ba142c096c
CONFIRM https://github.com/OISF/suricata/security/advisories/GHSA-5qf6-92xg-3rr3
MISC https://redmine.openinfosecfoundation.org/issues/7838

Match rules

CPE URI Source package Min version Max version
suricata >= 0 < 8.0.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
suricata edge-community 7.0.7-r0 Steve McMaster <code@mcmaster.io> possibly vulnerable
suricata edge-community 7.0.8-r0 Steve McMaster <code@mcmaster.io> possibly vulnerable
suricata edge-community 7.0.10-r0 Steve McMaster <steve@mcmaster.io> possibly vulnerable
suricata edge-community 7.0.10-r1 Steve McMaster <steve@mcmaster.io> possibly vulnerable
suricata edge-community 8.0.0-r0 Steve McMaster <steve@mcmaster.io> possibly vulnerable
suricata 3.22-community 7.0.8-r0 Steve McMaster <code@mcmaster.io> possibly vulnerable
suricata 3.22-community 7.0.10-r1 Steve McMaster <steve@mcmaster.io> possibly vulnerable