Network IDS Vulnerability in Suricata by Open Information Security Foundation
CVE-2025-59149

6.2MEDIUM

Key Information:

Vendor

Oisf

Status
Suricata
Vendor
CVE Published:
1 October 2025

What is CVE-2025-59149?

A stack buffer overflow vulnerability has been identified in Suricata, a popular network IDS, IPS, and NSM engine, specifically in version 8.0.0. When using rules that incorporate the lengthy keyword ldap.responses.attribute_type along with various transforms, this issue manifests during the startup process or when the rules are reloaded. As a precautionary measure, users are encouraged to upgrade to version 8.0.1, which addresses this vulnerability. Alternatively, disabling the affected rules can also mitigate the risks associated with this vulnerability.

Affected Version(s)

suricata >= 8.0.0, < 8.0.1

References

https://github.com/OISF/suricata/security/advisories/GHSA...
x_refsource_CONFIRM
https://github.com/OISF/suricata/commit/38a2cba5c39700204...
x_refsource_MISC
https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-rel...
x_refsource_MISC

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-59149 : Network IDS Vulnerability in Suricata by Open Information Security Foundation