Volerion logoVolerion
Volerion logoVolerion

Suricata Stack Buffer Overflow Vulnerability in Version 8.0.0

Vulnerability

A stack buffer overflow vulnerability has been identified in Suricata version 8.0.0. This issue arises in rules that use the keyword 'ldap.responses.attribute_type'—which is lengthy—combined with transforms. The buffer overflow can occur during the startup of Suricata or when reloading rules. This vulnerability has been addressed in Suricata version 8.0.1.

Impact

Exploitation of this vulnerability leads to a stack buffer overflow, which can commonly result in arbitrary code execution or causing a program to crash.

Reproduction

The vulnerability can be reproduced by creating a Suricata rule that includes the 'ldap.responses.attribute_type' keyword with transforms. When Suricata is started or the rules are reloaded, the buffer overflow will occur.

Remediation

Users can update to Suricata version 8.0.1, which patches this vulnerability. Instructions for downloading this version are available on the Open Information Security Foundation website.

Added: Oct 1, 2025, 8:22 PM
Updated: Oct 1, 2025, 8:22 PM

Vulnerability Rating

Custom Algorithm
spread
2.4
impact
10.0
exploitability
5.7
remediation
8.3
relevance
0.6
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.