CVE-2025-59149

| EUVD-2025-33224 MEDIUM
2025-10-01 [email protected]
6.2
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 13, 2026 - 18:18 euvd
EUVD-2025-33224
Analysis Generated
Mar 13, 2026 - 18:18 vuln.today
Patch Released
Oct 06, 2025 - 17:01 nvd
Patch available
CVE Published
Oct 01, 2025 - 20:18 nvd
MEDIUM 6.2

Tags

Stack Overflow Buffer Overflow Ubuntu Debian Suricata Suse

Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.

Analysis

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.

Technical Context

A buffer overflow occurs when data written to a buffer exceeds its allocated size, potentially overwriting adjacent memory and corrupting program state. This vulnerability is classified as Stack-based Buffer Overflow (CWE-121).

Affected Products

Affected products: Oisf Suricata 8.0.0

Remediation

A vendor patch is available — apply it immediately. Use memory-safe languages or bounds-checked functions. Enable ASLR, DEP/NX, and stack canaries. Apply vendor patches promptly.

Priority Score

31
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +31
POC: 0

Vendor Status

Ubuntu

Priority: Medium
suricata
Release Status Version
xenial needs-triage -
bionic needs-triage -
jammy needs-triage -
noble needs-triage -
upstream not-affected debian: Vulnerable code never present in a Debian released version, 8.0.x only issue
plucky ignored end of life, was needs-triage
questing needs-triage -

Debian

suricata
Release Status Fixed Version Urgency
bullseye fixed 1:6.0.1-3 -
bullseye (security) fixed 1:6.0.1-3+deb11u1 -
bookworm fixed 1:6.0.10-1 -
trixie fixed 1:7.0.10-1+deb13u2 -
forky, sid fixed 1:8.0.3-1 -
(unstable) not-affected - -

Share

CVE-2025-59149 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy