CNNVD-202601-4471 Information
CNNVD ID
CNNVD-202601-4471
Related CVE
- CNNVD Published: 2026-01-27
Description (Chinese)
Suricata是Open Information Security基金会的一个网络IDS、IPS和NSM引擎。 Suricata 8.0.3之前版本和7.0.14之前版本存在安全漏洞,该漏洞源于保存数据集时使用栈缓冲区,若数据过大可能导致堆栈溢出。
Description (English)
Suricata is a web-based IDS, IPS and NSM engine of the Open Information Security Foundation. There is a security loophole in the previous version of Suricata 8.3 and the previous version of 7.0.14, which stems from the use of a stowage buffer zone in the preservation of data sets, which, if too large, could result in stack spills.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Open Information Security
Published
2026-01-27
Last Modified
2026-02-24
References
https://github.com/OISF/suricata/commit/0eff24213763c2aa2bb0957901d5dc1e18414dbf https://github.com/OISF/suricata/commit/27a2180bceaa3477419c78c54fce364398d011f1 https://github.com/OISF/suricata/commit/32609e6896f9079c175665a94005417cec7637eb https://github.com/OISF/suricata/commit/32a1b9ae6aa80a60c073897e38a2ac6ea0f64521 https://github.com/OISF/suricata/commit/d6bc718e303ecbec5999066b8bc88eeeca743658 https://github.com/OISF/suricata/commit/d767dfadcd166f82683757818b9e46943326ac90 https://github.com/OISF/suricata/security/advisories/GHSA-9qg5-2gwh-xp86 https://redmine.openinfosecfoundation.org/issues/8110
Patch
https://github.com/OISF/suricata/releases
Share on: