← Back

CVE-2025-29915

nvd nist
Published: Apr 10, 2025Modified: May 29, 2025

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is based on the network interface MTU which leads to Suricata seeing truncated packets. Upgrade to Suricata 7.0.9, which uses better defaults and adds warnings for user configurations that may lead to issues.

Affected (1)

Products: Oisf: Suricata
Oisf
1 product
Suricata
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Suricata
Before 7.0.9

Related CWEs

CWE-347
Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (3)

Source: security-advisories@github.com
Patch
Source: security-advisories@github.com
Issue TrackingVendor Advisory
Source: security-advisories@github.com
Issue Tracking

Timeline

No history available yet.