#VU118809 Stack-based buffer overflow in Suricata - CVE-2025-64331

 


Published: November 27, 2025


Vulnerability identifier: #VU118809
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-64331
CWE-ID: CWE-121
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Suricata
Software vendor: Open Information Security Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary error when processing large HTTP file transfers. A remote attacker can trigger a stack-based buffer overflow and cause a denial of service.

Successful exploitation of this vulnerability requires that the HTTP response body limit has been increased and that logging of printable HTTP bodies is enabled.
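
A configuration check for the two preconditions above, as an added example that is not part of the original advisory or of the Suricata project. It assumes the settings appear in `suricata.yaml` as `response-body-limit` and `http-body-printable` and that the baseline limit is 100kb; the function names and the sample fragments are constructed for illustration.

```python
import re

# Assumption: 100kb baseline for response-body-limit; set this to your own default.
DEFAULT_LIMIT = 100 * 1024
UNITS = {"": 1, "kb": 1024, "kib": 1024, "mb": 1024**2, "mib": 1024**2,
         "gb": 1024**3, "gib": 1024**3}
SIZE = re.compile(r"^(\d+)(kb|kib|mb|mib|gb|gib)?$", re.I)
# Assumed option names; the advisory describes the settings but does not name them.
SETTING = re.compile(r"^\s*(response-body-limit|http-body-printable)\s*:\s*(\S+)")

def parse_size(value):
    """Convert a size string such as '100kb', '1mb' or '4096' to bytes."""
    m = SIZE.match(value.strip())
    if not m:
        raise ValueError(f"unrecognised size: {value!r}")
    return int(m.group(1)) * UNITS[(m.group(2) or "").lower()]

def check_exposure(yaml_text, default_limit=DEFAULT_LIMIT):
    """Return (limit_raised, printable_logging, both_conditions_met)."""
    limit_raised = printable = False
    for raw in yaml_text.splitlines():
        line = raw.split("#", 1)[0]  # ignore comments and commented-out keys
        m = SETTING.match(line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip("'\"")
        if key == "response-body-limit":
            size = parse_size(value)
            # 0 is treated as "no limit", which also exceeds the baseline
            if size == 0 or size > default_limit:
                limit_raised = True
        elif value.lower() in ("yes", "true", "on", "1"):
            printable = True
    return limit_raised, printable, limit_raised and printable

# Constructed sample fragments (not taken from a real deployment).
EXPOSED = """\
        - alert:
            http-body-printable: yes
        default-config:
          response-body-limit: 10mb
"""
DEFAULT = """\
        - alert:
            # http-body-printable: yes
        default-config:
          response-body-limit: 100kb
"""
```

Pass the contents of the sensor's configuration file to `check_exposure`; a `True` in the third position means both conditions named in the advisory are present on that sensor.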


Remediation

Install updates from the vendor's website.

External links