OISF Suricata
cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*
- >= 8.0.0, < 8.0.3
A stack overflow vulnerability has been identified in Suricata, a network IDS, IPS, and NSM engine, affecting versions from 8.0.0 up to, but not including, 8.0.3. This vulnerability can cause Suricata to crash, creating a denial-of-service condition. The issue arises from poorly bounded recursion in the decompression process, which can be exploited to overflow the stack and cause a crash.
Exploitation of this vulnerability leads to a stack overflow, causing Suricata to crash and creating a denial-of-service condition.
Users can upgrade to Suricata version 8.0.3, which patches this vulnerability. As an alternative, the default values for 'request-body-limit' and 'response-body-limit' can be used to mitigate the issue.
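An added example (not part of the advisory or of Suricata's own code) that checks a sensor against the affected range and the mitigation above: it reads a `suricata -V` style banner and scans suricata.yaml text for body limits that differ from the default. The 100 KiB default, the banner and the config snippet are assumptions constructed for illustration.

```python
import re

AFFECTED_MIN, FIXED = (8, 0, 0), (8, 0, 3)  # range stated in the advisory
DEFAULT_LIMIT = 100 * 1024  # assumption: 100 KiB as in the stock suricata.yaml
UNITS = {"": 1, "kb": 1024, "kib": 1024, "mb": 1024**2, "mib": 1024**2,
         "gb": 1024**3, "gib": 1024**3}
LIMIT_RE = re.compile(r"^\s*((?:request|response)-body-limit):\s*([^#\n]+)", re.M)

# Constructed sample input, not taken from a real sensor.
SAMPLE_BANNER = "This is Suricata version 8.0.2 RELEASE"
SAMPLE_YAML = """\
app-layer:
  protocols:
    http:
      libhtp:
        default-config:
          request-body-limit: 100 KiB
          response-body-limit: 0   # constructed non-default value
"""

def is_affected(banner):
    """True if the numeric x.y.z in the banner is >= 8.0.0 and < 8.0.3."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError(f"no version found in {banner!r}")
    return AFFECTED_MIN <= tuple(map(int, m.groups())) < FIXED

def parse_size(text):
    """Convert a size such as '100kb', '100 KiB' or '0' to bytes."""
    m = re.fullmatch(r"(\d+)\s*([a-z]*)", text.strip().lower())
    if not m or m.group(2) not in UNITS:
        raise ValueError(f"unrecognised size {text!r}")
    return int(m.group(1)) * UNITS[m.group(2)]

def non_default_limits(yaml_text):
    """List (key, value) for each uncommented body limit that is not the default."""
    found = [(k, v.strip().strip("'\"")) for k, v in LIMIT_RE.findall(yaml_text)]
    return [(k, v) for k, v in found if parse_size(v) != DEFAULT_LIMIT]

def assess(banner, yaml_text):
    if not is_affected(banner):
        return "outside affected range"
    drift = non_default_limits(yaml_text)
    if not drift:
        return "affected: upgrade to 8.0.3 (body limits at default)"
    return "affected, mitigation not in place: " + ", ".join(f"{k}={v}" for k, v in drift)

if __name__ == "__main__":
    print(assess(SAMPLE_BANNER, SAMPLE_YAML))
```

The version check compares only the numeric x.y.z triple, so pre-release or development builds need a manual look.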