PT-2025-48204 · Open Information Security Foundation · Suricata
Published: 2025-11-06 · Updated: 2026-01-22
CVE-2025-64331
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Suricata versions prior to 7.0.13
Suricata versions prior to 8.0.2
Description
Suricata is a network IDS, IPS and NSM engine. A stack overflow can occur during large HTTP file transfers if the HTTP response body limit is increased and logging of printable HTTP bodies is enabled. The issue has been addressed in newer versions. A workaround involves using default HTTP response body limits and/or disabling http-body-printable logging, which is disabled by default.
Recommendations
Update to Suricata version 7.0.13 or later.
Update to Suricata version 8.0.2 or later.
Use default HTTP response body limits.
Disable http-body-printable logging.
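To check whether a deployment meets both conditions named in the description, the following added example (not code from the advisory or from the Suricata project) scans a suricata.yaml for a raised response-body-limit together with enabled http-body-printable logging. It assumes the stock default limit is 100kb and that a value of 0 means unlimited; the sample configuration is constructed.

```python
import re

DEFAULT_LIMIT = 100 * 1024  # assumption: stock suricata.yaml ships response-body-limit: 100kb
UNITS = {None: 1, "kb": 1024, "mb": 1024**2, "gb": 1024**3}
TRUTHY = {"yes", "true", "on", "1"}

# Constructed sample: raised body limit plus printable body logging in eve-log alerts.
SAMPLE = """\
app-layer:
  protocols:
    http:
      libhtp:
        default-config:
          request-body-limit: 100kb
          response-body-limit: 1gb
outputs:
  - eve-log:
      types:
        - alert:
            # http-body-printable: no
            http-body-printable: yes
"""

def parse_size(text):
    """Convert a size string such as '100kb' or '2mb' to bytes; None if unrecognised."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(kb|mb|gb)?", text.strip().lower())
    return int(float(m.group(1)) * UNITS[m.group(2)]) if m else None

def audit(config_text):
    """Line-based scan (not a full YAML parse) for the two settings in the workaround."""
    raised, printable = [], []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        line = raw.split("#", 1)[0]  # ignore comments and commented-out keys
        m = re.match(r"\s*(?:-\s*)?([\w-]+)\s*:\s*(\S+)", line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip("\"'")
        if key == "response-body-limit":
            size = parse_size(value)
            # Flag unparsed values, 0 (assumed to mean unlimited) and anything above default.
            if size is None or size == 0 or size > DEFAULT_LIMIT:
                raised.append((lineno, value))
        elif key == "http-body-printable" and value.lower() in TRUTHY:
            printable.append((lineno, value))
    return {"raised_limits": raised, "printable_logging": printable,
            "both_conditions_met": bool(raised and printable)}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A result with both_conditions_met set to true identifies a configuration where the workaround applies until the sensor is updated to a fixed version.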
Exploit
Fix
Memory Corruption
Stack Overflow
Related Identifiers
Affected Products
Alt Linux
Debian
Suricata