Detections
Analytics

Suricata < 7.0.14 / 8.x < 8.0.3 Multiple Vulnerabilities

critical Nessus Plugin ID 298995

Synopsis

An IDS/IPS solution running on the remote host is affected by multiple vulnerabilities.

Description

The version of OISF Suricata installed on the remote host is prior to 7.0.14 or 8.x prior to 8.0.3. It is, therefore, affected by multiple vulnerabilities, including:

 - Crafted DCERPC traffic can cause Suricata to expand a buffer without limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB are also vulnerable. (CVE-2026-22258)

 - Specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic.
 This can lead to the process slowing down and running out of memory, potentially leading to it getting killed by the OOM killer. (CVE-2026-22259)

 - Various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. (CVE-2026-22261)

 - While saving a dataset, a stack buffer is used to prepare the data. If the data in the dataset is too large, this can result in a stack overflow. (CVE-2026-22262)

 - An unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. (CVE-2026-22264)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade Suricata to version 7.0.14 or 8.0.3 or higher.

See Also

http://www.nessus.org/u?7e56d5b0

http://www.nessus.org/u?fd11cc15

http://www.nessus.org/u?4e29002e

http://www.nessus.org/u?f2826c70

http://www.nessus.org/u?bedef9f8

Plugin Details

Severity: Critical

ID: 298995

File Name: suricata_7_0_14_8_0_3.nasl

Version: 1.1

Type: local

Agent: windows, macosx, unix

Family: Misc.

Published: 2/13/2026

Updated: 2/13/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-22262

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:oisf:suricata

Required KB Items: installed_sw/Open Information Security Foundation Suricata

Patch Publication Date: 1/27/2026

Vulnerability Publication Date: 1/27/2026

Reference Information

CVE: CVE-2026-22258, CVE-2026-22259, CVE-2026-22261, CVE-2026-22262, CVE-2026-22264

IAVB: 2026-B-0026