Bug 2417387 (CVE-2025-64334) - CVE-2025-64334 Suricata: Suricata: Unbounded memory growth via compressed HTTP data
Keywords:
Status: NEW
Alias: CVE-2025-64334
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2417523 2417526 2417533 2417536
Blocks:
Reported: 2025-11-26 23:01 UTC by OSIDB Bzimport
Modified: 2025-11-27 06:54 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2025-11-26 23:01:19 UTC
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2. A workaround involves disabling LZMA decompression or limiting response-body-limit size.

