CVE-2025-59147

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions Suricata versions 7.0.11 and below Suricata version 8.0.0

Description Suricata, a network IDS, IPS and NSM engine, experiences a detection bypass when receiving crafted traffic containing multiple SYN packets with differing sequence numbers within the same flow tuple. This can result in Suricata failing to establish the TCP session. In Intrusion Detection System (IDS) mode, this leads to a bypass of detection and logging. In Intrusion Prevention System (IPS) mode, the flow is blocked.

Recommendations Update to Suricata version 7.0.12 or later. Update to Suricata version 8.0.1 or later.

Exploit

Fix

Improperly Implemented Security Check for Standard

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-358

Related Identifiers

ALT-PU-2025-14099

BDU:2025-12460

CVE-2025-59147

GHSA-V8HV-6V7X-4C2R

OPENSUSE-SU-2025:15592-1

Affected Products

Alt Linux

Debian

Suricata

CVE-2025-59147

Weakness Enumeration

Related Identifiers

Affected Products

References · 27