Packet Truncation in Suricata Network Security Monitoring Engine
CVE-2025-29915
7.5 HIGH
What is CVE-2025-29915?
Suricata is a versatile network Intrusion Detection and Prevention System. Its default AF_PACKET defrag option allows packet reassembly based on the MTU of the network interface. With this configuration, Suricata can end up processing truncated packets, which compromises its effectiveness in monitoring network traffic. The recommended fix is to upgrade to Suricata version 7.0.9, which implements improved default settings and warns about user-defined configurations that may result in similar operational issues.
Affected Version(s)
suricata < 7.0.9