PT-2025-48200 · Open Information Security Foundation+2 · Suricata+2
Published: 2025-10-30 · Updated: 2026-01-22
CVE-2025-64335
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Suricata versions 8.0.0 through 8.0.1
Description
Suricata is a network IDS, IPS and NSM engine. A NULL dereference can occur in versions 8.0.0 through 8.0.1 when the entropy keyword is used in conjunction with base64 data. Disabling rules that use entropy in conjunction with base64 data can serve as a workaround.
Recommendations
Update to version 8.0.2 or later.
As a workaround, disable rules that use entropy in conjunction with base64 data.
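To apply the workaround you first need the list of enabled rules that combine the two features. The following is an added example, not part of the advisory or of Suricata: it scans rule text for rules whose options contain both `entropy` and `base64_data` and returns their sids. It assumes "base64 data" in the description refers to the `base64_data` keyword; the sample ruleset and its sids are constructed.

```python
import re

# Assumption: "base64 data" in the advisory means the base64_data keyword.
ENTROPY_RE = re.compile(r"(?:^|;)\s*entropy\s*:")
BASE64_RE = re.compile(r"(?:^|;)\s*base64_data\s*;")
SID_RE = re.compile(r"(?:^|;)\s*sid\s*:\s*(\d+)\s*;")
QUOTED_RE = re.compile(r'"(?:\\.|[^"\\])*"')

def logical_lines(text):
    """Join rules that are split across lines with a trailing backslash."""
    buf = ""
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield buf + line
        buf = ""

def affected_sids(rules_text):
    """Return sids of enabled rules whose options use both entropy and base64_data."""
    sids = []
    for line in logical_lines(rules_text):
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line, comment, or already-disabled rule
        start, end = line.find("("), line.rfind(")")
        if start == -1 or end <= start:
            continue  # no option block, not a rule
        # Blank out quoted values so msg/content text cannot mimic a keyword.
        opts = QUOTED_RE.sub('""', line[start + 1:end])
        if ENTROPY_RE.search(opts) and BASE64_RE.search(opts):
            m = SID_RE.search(opts)
            sids.append(int(m.group(1)) if m else None)  # None: rule has no sid
    return sids

# Constructed sample ruleset (rule bodies and sids are invented for this example).
SAMPLE_RULES = r'''
alert http any any -> any any (msg:"constructed A"; file.data; base64_decode:bytes 64; base64_data; entropy: value > 4; sid:1000001; rev:1;)
alert http any any -> any any (msg:"constructed B"; file.data; entropy: value > 4; sid:1000002; rev:1;)
# alert http any any -> any any (msg:"constructed C"; base64_decode; base64_data; entropy: value > 4; sid:1000003; rev:1;)
alert http any any -> any any (msg:"text only; entropy: x; base64_data; here"; content:"abc"; sid:1000004; rev:1;)
alert tcp any any -> any any (msg:"constructed E"; base64_decode:bytes 32; \
    base64_data; entropy: value > 4; sid:1000005; rev:1;)
'''

if __name__ == "__main__":
    for sid in affected_sids(SAMPLE_RULES):
        print(sid)  # one sid per line, to feed into whatever disables rules locally
```

Run it against the rule files Suricata actually loads; rules that are commented out are skipped because they are already disabled.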
Weakness Enumeration
NULL Pointer Dereference
Affected Products
Alt Linux
Debian
Suricata