Primary

Context

Suricata Buffer Overflow Vulnerability in BPF Filter Handling

Vulnerability

Patched

A buffer overflow vulnerability has been identified in Suricata, a network intrusion detection and prevention system, prior to version 7.0.8. The issue arises when a large Berkeley Packet Filter (BPF) file is provided to Suricata at startup, leading to a buffer overflow condition. This vulnerability requires user interaction, as it involves the use of untrusted files with the 'suricata -F' command line option.

Impact

Exploitation of this vulnerability causes a buffer overflow, which can potentially be exploited to execute arbitrary code or cause a denial-of-service condition.

Remediation

Users can upgrade to Suricata version 7.0.8 or later to address this vulnerability. It is also recommended not to use untrusted files with the 'suricata -F' command line option.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

5.3

remediation

7.9

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

5.3

remediation

7.9

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Suricata Buffer Overflow Vulnerability in BPF Filter Handling

Vulnerability

Impact

Remediation

Affected Products

OISF Suricata

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating