CVE-2025-29916
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-29916
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-29916.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-29916
- Aliases
-
- GHSA-27g3-pmvp-j9cv
- Downstream
- Published
- 2025-04-10T20:03:16.834Z
- Modified
- 2025-12-05T08:54:13.797308Z
- Severity
-
- 6.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Suricata datasets: ruleset declared settings can lead to resource starvation
- Details
-
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Datasets declared in rules have an option to specify the
hashsizeto use. This size setting isn't properly limited, so the hash table allocation can be large. Untrusted rules can lead to large memory allocations, potentially leading to denial of service due to resource starvation. This vulnerability is fixed in 7.0.9. - Database specific
{ "cwe_ids": [ "CWE-770" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/29xxx/CVE-2025-29916.json", "cna_assigner": "GitHub_M" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/29xxx/CVE-2025-29916.json
- https://github.com/OISF/suricata/commit/a7713db709b8a0be5fc5e5809ab58e9b14a16e85
- https://github.com/OISF/suricata/security/advisories/GHSA-27g3-pmvp-j9cv
- https://nvd.nist.gov/vuln/detail/CVE-2025-29916
- https://redmine.openinfosecfoundation.org/issues/7615
Affected packages
Git / github.com/oisf/suricata
Affected ranges
- Type
- GIT
- Repo
- https://github.com/oisf/suricata
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
suricata-0.*
suricata-0.8.2
suricata-1.*
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
suricata-1.2
suricata-1.2.1
suricata-1.2beta1
suricata-1.2rc1
suricata-1.3
suricata-1.3.1
suricata-1.3beta1
suricata-1.3beta2
suricata-1.3rc1
suricata-1.4
suricata-1.4beta1
suricata-1.4beta2
suricata-1.4beta3
suricata-1.4rc1
suricata-2.*
suricata-2.0
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0.2
suricata-2.0beta1
suricata-2.0beta2
suricata-2.0rc1
suricata-2.0rc2
suricata-2.0rc3
suricata-2.1beta1
suricata-2.1beta2
suricata-2.1beta3
suricata-2.1beta4
suricata-3.*
suricata-3.0
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0RC1
suricata-3.0RC2
suricata-3.0RC3
suricata-3.1
suricata-3.1.1
suricata-3.1.2
suricata-3.1RC1
suricata-3.2
suricata-3.2.1
suricata-3.2RC1
suricata-3.2beta1
suricata-4.*
suricata-4.0.0
suricata-4.0.0-beta1
suricata-4.0.0-rc1
suricata-4.0.0-rc2
suricata-4.0.1
suricata-4.1.0
suricata-4.1.0-beta1
suricata-4.1.0-rc1
suricata-4.1.0-rc2
suricata-4.1.1
suricata-4.1.2
suricata-5.*
suricata-5.0.0
suricata-5.0.0-beta1
suricata-5.0.0-rc1
suricata-5.0.1
suricata-6.*
suricata-6.0.0
suricata-6.0.0-beta1
suricata-6.0.0-rc1
suricata-6.0.1
suricata-7.*
suricata-7.0.0
suricata-7.0.0-beta1
suricata-7.0.0-rc1
suricata-7.0.0-rc2
suricata-7.0.1
suricata-7.0.2
suricata-7.0.3
suricata-7.0.4
suricata-7.0.5
suricata-7.0.6
suricata-7.0.7
suricata-7.0.8