2417421 – (CVE-2025-64344) CVE-2025-64344 Suricata: Suricata: Stack overflow in Lua scripts due to large buffers

Bug 2417421 (CVE-2025-64344) - CVE-2025-64344 Suricata: Suricata: Stack overflow in Lua scripts due to large buffers

Summary: CVE-2025-64344 Suricata: Suricata: Stack overflow in Lua scripts due to large...

Keywords:
Status:	NEW
Alias:	CVE-2025-64344
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2417527 2417530 2417537 2417540
Blocks:
TreeView+	depends on / blocked

Reported:	2025-11-27 00:01 UTC by OSIDB Bzimport
Modified:	2025-11-27 06:55 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-11-27 00:01:43 UTC

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.

Note You need to log in before you can comment on or make changes to this bug.