Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-22259

Опубликовано: 27 янв. 2026
Источник: debian
EPSS Низкий

Описание

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting killed by the OOM killer. Versions 8.0.3 or 7.0.14 contain a patch. As a workaround, disable the DNP3 parser in the suricata yaml (disabled by default).

Пакеты

ПакетСтатусВерсия исправленияРелизТип
suricatafixed1:8.0.3-1package
suricatafixed1:7.0.10-1+deb13u3trixiepackage
suricatano-dsabookwormpackage

Примечания

  • https://github.com/OISF/suricata/security/advisories/GHSA-878h-2x6v-84q9

  • https://github.com/OISF/suricata/commit/50cac2e2465ca211eabfa156623e585e9037bb7e (suricata-8.0.3)

  • https://github.com/OISF/suricata/commit/63225d5f8ef64cc65164c0bb1800730842d54942 (suricata-7.0.14)

EPSS

Процентиль: 25%
0.00084
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2026-22259

CVSS3: 7.5
ubuntu
2 месяца назад

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting killed by the OOM killer. Versions 8.0.3 or 7.0.14 contain a patch. As a workaround, disable the DNP3 parser in the suricata yaml (disabled by default).

nvd логотип

CVE-2026-22259

CVSS3: 7.5
nvd
2 месяца назад

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting killed by the OOM killer. Versions 8.0.3 or 7.0.14 contain a patch. As a workaround, disable the DNP3 parser in the suricata yaml (disabled by default).

fstec логотип

BDU:2026-00953

CVSS3: 7.5
fstec
3 месяца назад

Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 25%
0.00084
Низкий