Primary

Context

Suricata Stack Overflow Vulnerability in HTTP Body Logging

Vulnerability

Patched

A stack overflow vulnerability has been identified in Suricata, a network IDS, IPS, and NSM engine, prior to versions 7.0.13 and 8.0.2. The issue arises during large HTTP file transfers when the HTTP response body limit is increased and the logging of printable HTTP bodies is enabled. This vulnerability can lead to a significant disruption, causing a high availability impact.

Impact

Exploitation of this vulnerability can cause a stack overflow, leading to a high impact on availability.

Remediation

Users can upgrade to Suricata versions 7.0.13 or 8.0.2 to address this vulnerability. Alternatively, the default HTTP response body limits can be used, and HTTP body logging can be disabled, as it is disabled by default.

Added: Nov 26, 2025, 11:23 PM

Updated: Nov 26, 2025, 11:23 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

8.3

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

8.3

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Suricata Stack Overflow Vulnerability in HTTP Body Logging

Vulnerability

Impact

Remediation

Affected Products

OISF Suricata

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating