CVE-2025-59149

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-59149
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.

6.2 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018 Release Notes
https://github.com/OISF/suricata/commit/38a2cba5c397002047d84645f5ab770ff88020e1 Patch
https://github.com/OISF/suricata/security/advisories/GHSA-vxcg-38x4-gj7j Third Party Advisory Issue Tracking
https://redmine.openinfosecfoundation.org/issues/7861 Issue Tracking
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oisf:suricata:8.0.0:-:*:*:*:*:*:*
cpe:2.3:a:oisf:suricata:8.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:oisf:suricata:8.0.0:rc1:*:*:*:*:*:*
History

06 Oct 2025, 17:01

Type Values Removed Values Added
References () https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018 - () https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018 - Release Notes
References () https://github.com/OISF/suricata/commit/38a2cba5c397002047d84645f5ab770ff88020e1 - () https://github.com/OISF/suricata/commit/38a2cba5c397002047d84645f5ab770ff88020e1 - Patch
References () https://github.com/OISF/suricata/security/advisories/GHSA-vxcg-38x4-gj7j - () https://github.com/OISF/suricata/security/advisories/GHSA-vxcg-38x4-gj7j - Third Party Advisory, Issue Tracking
References () https://redmine.openinfosecfoundation.org/issues/7861 - () https://redmine.openinfosecfoundation.org/issues/7861 - Issue Tracking
First Time Oisf
Oisf suricata
CPE cpe:2.3:a:oisf:suricata:8.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:oisf:suricata:8.0.0:-:*:*:*:*:*:*
cpe:2.3:a:oisf:suricata:8.0.0:rc1:*:*:*:*:*:*

01 Oct 2025, 20:18

Type Values Removed Values Added
New CVE
Information

Published : 2025-10-01 20:18

Updated : 2025-10-06 17:01

NVD link : CVE-2025-59149

Mitre link : CVE-2025-59149

CVE.ORG link : CVE-2025-59149

JSON object : View

Products Affected

oisf

  • suricata
CWE
CWE-121

Stack-based Buffer Overflow