CNNVD-202511-2825 Information

CNNVD ID

CNNVD-202511-2825

Related CVE

CVE-2025-64344

• CNNVD Published: 2025-11-26

Description (Chinese)

Suricata是Open Information Security基金会的一个网络IDS、IPS和NSM引擎。 Suricata 7.0.13之前版本和8.0.2之前版本存在安全漏洞，该漏洞源于Lua脚本处理大型缓冲区时存在栈溢出，可能导致崩溃。

Description (English)

Suricata is a web-based IDS, IPS and NSM engine of the Open Information Security Foundation. Pre-Suricata 7.0.13 and pre-O.0.2 security loopholes, which stem from the spills in the Lua script when dealing with large buffer zones, could lead to collapse.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Open Information Security

Published

2025-11-26

Last Modified

2026-02-24

References

https://github.com/OISF/suricata/commit/e13fe6a90dba210a478148c4084f6f5db17c5b5a https://github.com/OISF/suricata/security/advisories/GHSA-93fh-cgmc-w3rx

Patch

https://github.com/OISF/suricata/releases