Suricata Stack Overflow Vulnerability in HTTP Content Type Logging

Vulnerability

A stack overflow vulnerability has been identified in Suricata, a network IDS, IPS and NSM engine, in versions prior to 7.0.13 and 8.0.2. Logging a large HTTP content type can overflow the stack and crash Suricata. The issue is fixed in versions 7.0.13 and 8.0.2. As a workaround, limit stream.reassembly.depth to less than half the stack size; increasing the process stack size also reduces the likelihood of triggering the bug.

Impact

Exploiting this vulnerability leads to a stack overflow, causing Suricata to crash.

Remediation

Upgrade to Suricata 7.0.13 or 8.0.2. On earlier versions, set stream.reassembly.depth to less than half the stack size; increasing the process stack size also makes the bug less likely to trigger.
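As an added example (not Suricata's own code), the following Python checks a suricata.yaml fragment against the workaround above: it converts the configured stream.reassembly.depth to bytes and tests whether it is below half the process stack limit. The config fragment is constructed, and the YAML extraction is a simplified indent scan, an assumption rather than Suricata's real parser.

```python
# Added check, not Suricata code: does stream.reassembly.depth satisfy the
# advisory's workaround (strictly less than half the process stack size)?
import re
import resource

_UNITS = {"": 1, "b": 1, "k": 1024, "kb": 1024, "m": 1024 ** 2, "mb": 1024 ** 2, "g": 1024 ** 3, "gb": 1024 ** 3}

def parse_size(value: str) -> int:
    """Convert a Suricata size string such as '1mb' or '512kb' to bytes."""
    m = re.fullmatch(r"\s*(\d+)\s*([kmg]?b?)\s*", value.lower())
    if not m:
        raise ValueError(f"unrecognised size: {value!r}")
    return int(m.group(1)) * _UNITS[m.group(2)]

def reassembly_depth(config_text: str) -> str:
    """Raw stream.reassembly.depth value; simplified indent scan, not full YAML."""
    in_stream, reasm_indent = False, None
    for line in config_text.splitlines():
        text = line.split("#", 1)[0].rstrip()          # strip comments
        if not text.strip():
            continue
        indent, key = len(text) - len(text.lstrip()), text.lstrip()
        if indent == 0:                                # new top-level block
            in_stream, reasm_indent = key.startswith("stream:"), None
            continue
        if not in_stream:
            continue
        if reasm_indent is not None and indent <= reasm_indent:
            reasm_indent = None                        # left the reassembly block
        if key.startswith("reassembly:"):
            reasm_indent = indent
        elif reasm_indent is not None and key.startswith("depth:"):
            return key.split(":", 1)[1].strip()
    raise KeyError("stream.reassembly.depth not found")

def workaround_holds(depth_bytes: int, stack_bytes: int) -> bool:
    """True when depth is strictly below half the stack, as the advisory says."""
    return depth_bytes < stack_bytes // 2

def current_stack_bytes():
    """Soft RLIMIT_STACK (what a Suricata started from this process inherits); None if unlimited."""
    soft, _ = resource.getrlimit(resource.RLIMIT_STACK)
    return None if soft == resource.RLIM_INFINITY else soft

SAMPLE_CONFIG = """\
stream:
  reassembly:
    depth: 1mb   # constructed fragment, not from a real deployment
"""
```

Run the comparison against the stack limit of whatever actually launches Suricata (for a systemd service, its LimitSTACK= setting), not only the interactive shell, since that is the limit the daemon inherits.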

Added: Nov 26, 2025, 11:21 PM
Updated: Nov 26, 2025, 11:21 PM

Vulnerability Rating

Custom Algorithm
spread: 2.4
impact: 2.5
exploitability: 4.7
remediation: 8.3
relevance: 1.1
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.