2417413 – (CVE-2025-64330) CVE-2025-64330 Suricata: Suricata: Single byte read heap overflow leads to denial of service

Bug 2417413 (CVE-2025-64330) - CVE-2025-64330 Suricata: Suricata: Single byte read heap overflow leads to denial of service

Summary: CVE-2025-64330 Suricata: Suricata: Single byte read heap overflow leads to de...

Keywords:
Status:	NEW
Alias:	CVE-2025-64330
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2417513 2417514 2417516 2417520
Blocks:
TreeView+	depends on / blocked

Reported:	2025-11-27 00:01 UTC by OSIDB Bzimport
Modified:	2025-11-27 06:53 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-11-27 00:01:25 UTC

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires the per packet alert queue to be filled with alerts and then followed by a pass rule. This issue has been patched in versions 7.0.13 and 8.0.2. To reduce the likelihood of this issue occurring, the alert queue size a should be increased (packet-alert-max in suricata.yaml) if verdict is enabled.

Note You need to log in before you can comment on or make changes to this bug.