vulnerability
Debian: CVE-2025-29916: suricata -- security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | Apr 10, 2025 | May 15, 2025 | Jun 3, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
Apr 10, 2025
Added
May 15, 2025
Modified
Jun 3, 2025
Description
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Datasets declared in rules have an option to specify the `hashsize` to use. This size setting isn't properly limited, so the hash table allocation can be large. Untrusted rules can lead to large memory allocations, potentially leading to denial of service due to resource starvation. This vulnerability is fixed in 7.0.9.
Solution
no-fix-debian-deb-package

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.