Description
Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4.
Published: 2026-04-02
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Patch Immediately
AI Analysis

Impact

Suricata, a network intrusion detection and prevention engine, contains a flaw where a specially crafted data stream forces the stream inspection component to perform a quadratic number of operations, causing the engine to slow down dramatically. This excessive processing leads to degraded throughput and may render an IDS instance unresponsive, effectively denying service to legitimate traffic. The weakness corresponds to both inefficient resource usage (CWE-407) and potential denial of service (CWE-770).

Affected Systems

The vulnerability affects Suricata releases before version 7.0.15 and 8.0.4 from the Open Information Security Foundation. Any deployment of these earlier builds in IDS or IPS mode that receives crafted traffic is potentially impacted.

Risk and Exploitability

The CVSS base score of 7.5 indicates high severity. No EPSS score is available, and the issue is not yet catalogued in the CISA KEV list. The simplest attack vector involves sending tailored packets that trigger the quadratic path; no exploit code is publicly documented, but the impact is observable as a noticeable performance loss in affected systems.

Generated by OpenCVE AI on April 3, 2026 at 03:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Suricata to version 7.0.15 or later, or 8.0.4 or later

Generated by OpenCVE AI on April 3, 2026 at 03:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 03 Apr 2026 01:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-770
References
Metrics threat_severity

None

 threat_severity

Important

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Oisf
Oisf suricata
Vendors & Products Oisf
Oisf suricata

Thu, 02 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Description Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4.
Title Suricata stream: quadratic complexity in stream inspection
Weaknesses CWE-407
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Subscriptions

Oisf Suricata
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-03T16:01:09.310Z

Reserved: 2026-03-10T15:10:10.654Z

Link: CVE-2026-31933

cve-icon Vulnrichment

Updated: 2026-04-03T16:00:59.307Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-02T14:16:28.930

Modified: 2026-04-03T16:10:52.680

Link: CVE-2026-31933

cve-icon Redhat

Severity : Important

Publid Date: 2026-04-02T14:03:35Z

Links: CVE-2026-31933 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T09:18:44Z

Weaknesses