Suricata Large Memory Allocation Vulnerability in Base64 Decode Handling

Vulnerability

A vulnerability exists in Suricata versions prior to 7.0.9, where the 'bytes' setting in the 'decode_base64' keyword is not properly restricted. A signature that uses this keyword and setting can cause excessive memory allocations of up to 4 GiB per thread, potentially causing resource starvation. The risk comes from untrusted signatures: a rule from an untrusted source can set 'bytes' so that large amounts of data are decoded and stored in memory.

Impact

Exploitation of this vulnerability can cause significant memory usage per thread, leading to resource exhaustion and potential denial of service.

Remediation

Users are advised to upgrade to Suricata version 7.0.9 or later.
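
To review rule files from sources you do not fully trust for the setting described above, the following added example (not part of the original advisory and not Suricata project code) flags rules whose 'bytes' value exceeds a threshold. The names `audit_rules` and `MAX_BYTES`, the threshold value, and the sample rules and sids are assumptions constructed for illustration; the script matches both the advisory's spelling 'decode_base64' and `base64_decode`, the spelling used in Suricata's rule language, and assumes one rule per line.

```python
import re

# Matches the keyword as Suricata rules spell it (base64_decode) and as this
# advisory spells it (decode_base64), capturing the option list up to ';'.
KEYWORD_RE = re.compile(r'\b(?:base64_decode|decode_base64)\s*:\s*([^;]*);')
BYTES_RE = re.compile(r'\bbytes\s+(\d+)')
SID_RE = re.compile(r'\bsid\s*:\s*(\d+)\s*;')

# Assumed local review threshold, NOT the limit enforced by Suricata 7.0.9.
MAX_BYTES = 65536


def audit_rules(text, max_bytes=MAX_BYTES):
    """Return (line_no, bytes_value, sid) for each oversized 'bytes' setting."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith('#'):
            continue  # skip blank lines and commented-out rules
        sid_match = SID_RE.search(stripped)
        sid = int(sid_match.group(1)) if sid_match else None
        for options in KEYWORD_RE.findall(stripped):
            m = BYTES_RE.search(options)
            if m and int(m.group(1)) > max_bytes:
                findings.append((line_no, int(m.group(1)), sid))
    return findings


# Constructed sample rules (not real signatures); sids are placeholders.
SAMPLE_RULES = '''\
alert http any any -> any any (msg:"small decode"; content:"data="; base64_decode:bytes 64, relative; base64_data; content:"test"; sid:1000001; rev:1;)
alert http any any -> any any (msg:"huge decode"; content:"data="; base64_decode:bytes 4294967295, relative; base64_data; content:"test"; sid:1000002; rev:1;)
# alert http any any -> any any (msg:"disabled"; base64_decode:bytes 4000000000; sid:1000003;)
alert http any any -> any any (msg:"no bytes option"; content:"data="; base64_decode:relative; base64_data; content:"x"; sid:1000004; rev:1;)
'''

if __name__ == '__main__':
    for line_no, value, sid in audit_rules(SAMPLE_RULES):
        print(f'line {line_no}: sid {sid} requests bytes {value}')
```

Rules that omit 'bytes' or are commented out are not reported; the check is a review aid for rule sets and does not replace the upgrade.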

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.