CVE-2025-59149 — MEDIUM (6.2)

Vulnerability Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.

CVSS Score

6.2

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Oisf	Suricata	8.0.0

Related Weaknesses (CWE)

CWE-121

References

https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018Release Notes
https://github.com/OISF/suricata/commit/38a2cba5c397002047d84645f5ab770ff88020e1Patch
https://github.com/OISF/suricata/security/advisories/GHSA-vxcg-38x4-gj7jIssue TrackingThird Party Advisory
https://redmine.openinfosecfoundation.org/issues/7861Issue Tracking

FAQ

What is CVE-2025-59149?

CVE-2025-59149 is a vulnerability with a CVSS score of 6.2 (MEDIUM). Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_ty...

How severe is CVE-2025-59149?

CVE-2025-59149 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-59149?

Check the references section above for vendor advisories and patch information. Affected products include: Oisf Suricata.