vulnerability

Debian: CVE-2025-29916: suricata -- security update

Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
Apr 10, 2025
Added
May 15, 2025
Modified
Jun 3, 2025

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Datasets declared in rules have an option to specify the `hashsize` to use. This size setting isn't properly limited, so the hash table allocation can be large. Untrusted rules can lead to large memory allocations, potentially leading to denial of service due to resource starvation. This vulnerability is fixed in 7.0.9.

Solution

no-fix-debian-deb-package
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.