CNNVD-202601-4493 Information
CNNVD ID
CNNVD-202601-4493
Related CVE
- CNNVD Published: 2026-01-27
Description (Chinese)
Suricata是Open Information Security基金会的一个网络IDS、IPS和NSM引擎。 Suricata 8.0.3之前版本和7.0.14之前版本存在安全漏洞,该漏洞源于解析特制DNP3流量时可能消耗大量内存,导致进程变慢、内存耗尽并被终止。
Description (English)
Suricata is a web-based IDS, IPS and NSM engine of the Open Information Security Foundation. Pre-Suricata 8.3 and pre-7.10.14 security gaps, which stem from the potential to consume significant amounts of memory during the decomposition of ad hoc DNP3 flows, have led to slower, depleted and terminated processes.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Open Information Security
Published
2026-01-27
Last Modified
2026-02-24
References
https://github.com/OISF/suricata/commit/50cac2e2465ca211eabfa156623e585e9037bb7e https://github.com/OISF/suricata/commit/63225d5f8ef64cc65164c0bb1800730842d54942 https://github.com/OISF/suricata/security/advisories/GHSA-878h-2x6v-84q9 https://redmine.openinfosecfoundation.org/issues/8181 https://access.redhat.com/security/cve/cve-2026-22259
Patch
https://github.com/OISF/suricata/releases
Share on: