Detections
Analytics

Suricata 8.0.0 < 8.0.1 Multiple Vulnerabilities

high Nessus Plugin ID 269722

Language:

Synopsis

An IDS/IPS solution running on the remote host is affected by multiple vulnerabilities.

Description

The version of OISF Suricata installed on the remote host is 8.0.x prior to 8.0.1. It is, therefore, affected by multiple vulnerabilities:

- Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a 'sticky' buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer. (CVE-2025-59148)
- Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms. (CVE-2025-59149)
- Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword. (CVE-2025-59150)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade Suricata to 8.0.1 or higher.

See Also

http://www.nessus.org/u?4848673a

http://www.nessus.org/u?609cf000

http://www.nessus.org/u?97866848

https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018

Plugin Details

Severity: High

ID: 269722

File Name: suricata_8_0_1.nasl

Version: 1.1

Type: local

Agent: windows, macosx, unix

Family: Misc.

Published: 10/8/2025

Updated: 10/8/2025

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2025-59148

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/a:oisf:suricata

Required KB Items: installed_sw/Open Information Security Foundation Suricata

Patch Publication Date: 9/1/2025

Vulnerability Publication Date: 10/1/2025

Reference Information

CVE: CVE-2025-59147, CVE-2025-59148, CVE-2025-59149, CVE-2025-59150