Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 01 Oct 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 01 Oct 2025 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer. | |
Title | Suricata's improper use of entropy keyword can lead to a NULL-ptr deref | |
Weaknesses | CWE-476 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-10-01T19:58:13.158Z
Reserved: 2025-09-09T15:23:16.326Z
Link: CVE-2025-59148

Updated: 2025-10-01T19:58:06.225Z

Status : Received
Published: 2025-10-01T20:18:38.480
Modified: 2025-10-01T20:18:38.480
Link: CVE-2025-59148

No data.

No data.