Suricata Stack Buffer Overflow Vulnerability in Dataset Handling

Vulnerability

A stack buffer overflow vulnerability has been identified in Suricata, a network IDS, IPS, and NSM engine, in versions prior to 7.0.14 and 8.0.3. The vulnerability arises when a dataset is saved, because a stack buffer is used to prepare the data. If the dataset contains excessively large data, the stack buffer can overflow. This issue can be exploited under certain conditions, particularly when rules use datasets with the 'save' or 'state' options.

Impact

Exploitation of this vulnerability leads to a stack buffer overflow, which can commonly result in arbitrary code execution or cause the program to crash.

Reproduction

The vulnerability can be reproduced by using Suricata versions prior to 7.0.14 and 8.0.3, and applying rules that include datasets with the 'save' or 'state' options. When the dataset contains a large amount of data, the stack buffer overflow occurs.

Remediation

Users can upgrade to Suricata versions 7.0.14 or 8.0.3, where this vulnerability has been patched. If an upgrade is not possible, as a temporary measure, avoid using rules that incorporate datasets with 'save' or 'state' options.
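
One way to find the rules covered by the temporary measure above, as an added example that is not part of the original advisory or of the Suricata project: the Python script below flags active rules whose dataset keyword uses the 'save' or 'state' option. The sample rules, sids, dataset names and file names are constructed, and rules continued across several lines with a backslash are not handled.

```python
import re

# One dataset keyword inside a rule, e.g. dataset:set,name,type string,state f.lst;
DATASET_RE = re.compile(r"\bdataset\s*:\s*([^;]*);")
SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")
RISKY_OPTIONS = {"save", "state"}  # the options named in the advisory

def risky_dataset_options(rule):
    """Return (dataset name, option) pairs for save/state use in one rule."""
    hits = []
    for match in DATASET_RE.finditer(rule):
        parts = [p.strip() for p in match.group(1).split(",")]
        # parts[0] is the command (set, isset, ...), parts[1] the dataset
        # name, and the rest are "key value" options such as "state f.lst".
        name = parts[1] if len(parts) > 1 else "?"
        for option in parts[2:]:
            key = option.split(None, 1)[0].lower() if option else ""
            if key in RISKY_OPTIONS:
                hits.append((name, key))
    return hits

def audit_rules(text):
    """Return (line number, sid, dataset name, option) for each active rule hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        rule = line.strip()
        if not rule or rule.startswith("#"):  # skip blanks and disabled rules
            continue
        sid = SID_RE.search(rule)
        for name, key in risky_dataset_options(rule):
            findings.append((lineno, int(sid.group(1)) if sid else None, name, key))
    return findings

# Constructed sample rules (sids, dataset names and file names are made up).
SAMPLE_RULES = """\
# local.rules
alert http any any -> any any (msg:"new UA"; http.user_agent; dataset:set,ua-seen,type string,state ua-seen.lst; sid:1000001; rev:1;)
alert dns any any -> any any (msg:"known bad"; dns.query; dataset:isset,bad-dns,type string,load bad-dns.lst; sid:1000002; rev:1;)
alert http any any -> any any (msg:"track host"; http.host; dataset:set,hosts,type string,save hosts.lst; sid:1000003; rev:1;)
# alert http any any -> any any (msg:"disabled"; http.host; dataset:set,old,type string,save old.lst; sid:1000004;)
"""

if __name__ == "__main__":
    for lineno, sid, name, key in audit_rules(SAMPLE_RULES):
        print(f"line {lineno}: sid {sid} dataset '{name}' uses '{key}'")
```

Rules that only read a dataset with 'load' are not flagged, and commented-out rules are skipped.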

Added: Jan 27, 2026, 7:26 PM
Updated: Jan 27, 2026, 7:26 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 2.5
exploitability: 5.7
remediation: 8.3
relevance: 2.5
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.