CVE-2025-59149
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-01

Last updated on: 2025-10-06

Assigner: GitHub, Inc.

Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-01
Last Modified
2025-10-06
Generated
2026-06-16
AI Q&A
2025-10-01
EPSS Evaluated
2026-06-15
NVD
CVE-2025-59149
EUVD
EUVD-2025-33224
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
oisf suricata 8.0.0
oisf suricata 8.0.0
oisf suricata 8.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in Suricata version 8.0.0 involves a stack buffer overflow that occurs when rules using the keyword ldap.responses.attribute_type with transforms are processed during Suricata startup or rule reload. The issue arises because the ldap.responses.attribute_type is long and mishandled, leading to memory corruption. It is fixed in version 8.0.1, and a workaround is to disable rules with ldap.responses.attribute_type and transforms.

Impact Analysis

The vulnerability can cause a stack buffer overflow, which may lead to a denial of service by crashing Suricata during startup or rule reload. Since the CVSS score indicates no impact on confidentiality or integrity but a high impact on availability, the main risk is service disruption.

Mitigation Strategies

To mitigate this vulnerability immediately, you should disable rules that use the ldap.responses.attribute_type keyword with transforms in Suricata. Additionally, upgrading Suricata to version 8.0.1 or later will fix the issue.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-59149. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart