Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-59147 (GCVE-0-2025-59147)
Vulnerability from cvelistv5 – Published: 2025-10-01 19:27 – Updated: 2025-10-01 19:42
VLAI
EPSS
Title
Suricata is Vulnerable to Detection Bypass via Crafted Multiple SYN Packets
Summary
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers within the same flow tuple, which can cause Suricata to fail to pick up the TCP session. In IDS mode this can lead to a detection and logging bypass. In IPS mode this will lead to the flow getting blocked. This issue is fixed in versions 7.0.12 and 8.0.1.
Severity
7.5 (High)
CWE
- CWE-358 - Improperly Implemented Security Check for Standard
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/OISF/suricata/security/advisor… | x_refsource_CONFIRM |
| https://github.com/OISF/suricata/commit/be6315dba… | x_refsource_MISC |
| https://github.com/OISF/suricata/commit/e91b03c90… | x_refsource_MISC |
| https://forum.suricata.io/t/suricata-8-0-1-and-7-… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59147",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T19:42:12.196265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T19:42:24.032Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "suricata",
"vendor": "OISF",
"versions": [
{
"status": "affected",
"version": "\u003c 7.0.12"
},
{
"status": "affected",
"version": "\u003e= 8.0.0, \u003c 8.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers within the same flow tuple, which can cause Suricata to fail to pick up the TCP session. In IDS mode this can lead to a detection and logging bypass. In IPS mode this will lead to the flow getting blocked. This issue is fixed in versions 7.0.12 and 8.0.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-358",
"description": "CWE-358: Improperly Implemented Security Check for Standard",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T19:27:55.639Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r"
},
{
"name": "https://github.com/OISF/suricata/commit/be6315dba0d9101b11d16e9dacfe2822b3792f1b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/be6315dba0d9101b11d16e9dacfe2822b3792f1b"
},
{
"name": "https://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e"
},
{
"name": "https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018",
"tags": [
"x_refsource_MISC"
],
"url": "https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018"
}
],
"source": {
"advisory": "GHSA-v8hv-6v7x-4c2r",
"discovery": "UNKNOWN"
},
"title": "Suricata is Vulnerable to Detection Bypass via Crafted Multiple SYN Packets"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59147",
"datePublished": "2025-10-01T19:27:55.639Z",
"dateReserved": "2025-09-09T15:23:16.326Z",
"dateUpdated": "2025-10-01T19:42:24.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-59147",
"date": "2026-05-27",
"epss": "0.0005",
"percentile": "0.15795"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-59147\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-10-01T20:18:38.267\",\"lastModified\":\"2025-10-06T16:59:06.083\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers within the same flow tuple, which can cause Suricata to fail to pick up the TCP session. In IDS mode this can lead to a detection and logging bypass. In IPS mode this will lead to the flow getting blocked. This issue is fixed in versions 7.0.12 and 8.0.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-358\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.0.12\",\"matchCriteriaId\":\"CD9C7EA7-5925-4C2B-815B-13F87DDB3F9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oisf:suricata:8.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"016370F6-3404-4F20-ABED-C0D23AC7D1D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oisf:suricata:8.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C51F6B1-2B23-4C24-9B69-DA71597628C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oisf:suricata:8.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"722B8967-EC47-43AF-AB71-4F7487780CED\"}]}]}],\"references\":[{\"url\":\"https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/OISF/suricata/commit/be6315dba0d9101b11d16e9dacfe2822b3792f1b\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\",\"Issue Tracking\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-59147\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-01T19:42:12.196265Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-01T19:42:18.785Z\"}}], \"cna\": {\"title\": \"Suricata is Vulnerable to Detection Bypass via Crafted Multiple SYN Packets\", \"source\": {\"advisory\": \"GHSA-v8hv-6v7x-4c2r\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"OISF\", \"product\": \"suricata\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 7.0.12\"}, {\"status\": \"affected\", \"version\": \"\u003e= 8.0.0, \u003c 8.0.1\"}]}], \"references\": [{\"url\": \"https://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r\", \"name\": \"https://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/be6315dba0d9101b11d16e9dacfe2822b3792f1b\", \"name\": \"https://github.com/OISF/suricata/commit/be6315dba0d9101b11d16e9dacfe2822b3792f1b\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e\", \"name\": \"https://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018\", \"name\": \"https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers within the same flow tuple, which can cause Suricata to fail to pick up the TCP session. In IDS mode this can lead to a detection and logging bypass. In IPS mode this will lead to the flow getting blocked. This issue is fixed in versions 7.0.12 and 8.0.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-358\", \"description\": \"CWE-358: Improperly Implemented Security Check for Standard\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-10-01T19:27:55.639Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-59147\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-01T19:42:24.032Z\", \"dateReserved\": \"2025-09-09T15:23:16.326Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-10-01T19:27:55.639Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2025-AVI-0796
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Suricata. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Suricata versions ant\u00e9rieures \u00e0 7.0.12",
"product": {
"name": "Suricata",
"vendor": {
"name": "Suricata",
"scada": false
}
}
},
{
"description": "Suricata versions 8.x ant\u00e9rieures \u00e0 8.0.1",
"product": {
"name": "Suricata",
"vendor": {
"name": "Suricata",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-59149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59149"
},
{
"name": "CVE-2025-59150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59150"
},
{
"name": "CVE-2025-59147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59147"
},
{
"name": "CVE-2025-59148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59148"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0796",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Suricata. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Suricata",
"vendor_advisories": [
{
"published_at": "2025-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Suricata suricata-8-0-1-and-7-0-12-released",
"url": "https://suricata.io/2025/09/16/suricata-8-0-1-and-7-0-12-released/"
}
]
}
CERTFR-2025-AVI-0796
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Suricata. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Suricata versions ant\u00e9rieures \u00e0 7.0.12",
"product": {
"name": "Suricata",
"vendor": {
"name": "Suricata",
"scada": false
}
}
},
{
"description": "Suricata versions 8.x ant\u00e9rieures \u00e0 8.0.1",
"product": {
"name": "Suricata",
"vendor": {
"name": "Suricata",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-59149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59149"
},
{
"name": "CVE-2025-59150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59150"
},
{
"name": "CVE-2025-59147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59147"
},
{
"name": "CVE-2025-59148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59148"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0796",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Suricata. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Suricata",
"vendor_advisories": [
{
"published_at": "2025-09-16",
"title": "Bulletin de s\u00e9curit\u00e9 Suricata suricata-8-0-1-and-7-0-12-released",
"url": "https://suricata.io/2025/09/16/suricata-8-0-1-and-7-0-12-released/"
}
]
}
BDU:2025-12460
Vulnerability from fstec - Published: 16.09.2025
VLAI
Title
Уязвимость системы обнаружения и предотвращения вторжений Suricata, связана с некорректной проверкой безопасности для стандартных элементов, позволяющая нарушителю обойти существующие механизмы безопасности или вызвать отказ в обслуживании
Description
Уязвимость системы обнаружения и предотвращения вторжений Suricata связана с некорректной проверкой безопасности для стандартных элементов. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, обойти существующие механизмы безопасности или вызвать отказ в обслуживании путем отправки специально сформированных SYN-пакетов
Severity
Vendor
Open Information Security Foundation, ООО "Айдеко Софтвер", АО «ИВК», ООО «А-Реал Консалтинг», ООО «С-Терра СиЭсПи», ООО «ИнфоВотч АРМА»
Software Name
Suricata, Межсетевой экран "Ideco UTM", ИВК Кольчуга-К (ЛКНВ.466217.002), Программный межсетевой экран Интернет Контроль Сервер (запись в едином реестре российских программ №322), Программный комплекс «С-Терра СОВ», Программный комплекс «InfoWatch ARMA Industrial Firewall»
Software Version
до 8.0.1 (Suricata), до 7.0.12 (Suricata), до 19.8 включительно (Межсетевой экран "Ideco UTM"), - (ИВК Кольчуга-К (ЛКНВ.466217.002)), до 12.0.2 включительно (Программный межсетевой экран Интернет Контроль Сервер), 4.3 (Программный комплекс «С-Терра СОВ»), - (Программный комплекс «InfoWatch ARMA Industrial Firewall»)
Possible Mitigations
Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков.
Компенсирующие меры:
- использование средств межсетевого экранирования для ограничения удалённого доступа к уязвимому программному обеспечению;
- использование SIEM-систем для отслеживания событий, связанных с обработкой SYN-пакетов;
- ограничение доступа из внешних сетей (Интернет).
Использование рекомендаций:
https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018
https://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e
https://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r
Для ИВК Кольчуга-К (ЛКНВ.466217.002):
https://ivk.ru/produktsiya/obnovleniya-bezopasnosti/detail/obnovlenie-bezopasnosti-no-06112025.it.me.a4.pz/
Для ООО «А-Реал Консалтинг»:
Обновление программного обеспечения до версии 12.0.3 или выше
Для С-Терра СОВ:
http://s-terra.ru/upload/iblock/b87/tiiv6uhg7prlypdp67yz71boau2x9cxh/website-vulns_ids_29102025.pdf
Для ООО "ИнфоВатч АРМА":
- включение на ПК результирующих правил Suricata, обнаруживающих SYN Flood;
- добавление в список результирующих правил Suricata правил, обнаруживающих эксплуатацию данной уязвимости.
Reference
https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018
https://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e
https://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r
https://ivk.ru/produktsiya/obnovleniya-bezopasnosti/detail/obnovlenie-bezopasnosti-no-06112025.it.me.a4.pz/
http://s-terra.ru/upload/iblock/b87/tiiv6uhg7prlypdp67yz71boau2x9cxh/website-vulns_ids_29102025.pdf
CWE
CWE-358
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Open Information Security Foundation, \u041e\u041e\u041e \"\u0410\u0439\u0434\u0435\u043a\u043e \u0421\u043e\u0444\u0442\u0432\u0435\u0440\", \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u041e\u041e\u041e \u00ab\u0410-\u0420\u0435\u0430\u043b \u041a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u00bb, \u041e\u041e\u041e \u00ab\u0421-\u0422\u0435\u0440\u0440\u0430 \u0421\u0438\u042d\u0441\u041f\u0438\u00bb, \u041e\u041e\u041e \u00ab\u0418\u043d\u0444\u043e\u0412\u043e\u0442\u0447 \u0410\u0420\u041c\u0410\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 8.0.1 (Suricata), \u0434\u043e 7.0.12 (Suricata), \u0434\u043e 19.8 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (\u041c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u044d\u043a\u0440\u0430\u043d \"Ideco UTM\"), - (\u0418\u0412\u041a \u041a\u043e\u043b\u044c\u0447\u0443\u0433\u0430-\u041a (\u041b\u041a\u041d\u0412.466217.002)), \u0434\u043e 12.0.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u044d\u043a\u0440\u0430\u043d \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u041a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0421\u0435\u0440\u0432\u0435\u0440), 4.3 (\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441 \u00ab\u0421-\u0422\u0435\u0440\u0440\u0430 \u0421\u041e\u0412\u00bb), - (\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441 \u00abInfoWatch ARMA Industrial Firewall\u00bb)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 SIEM-\u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0441\u043e\u0431\u044b\u0442\u0438\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 SYN-\u043f\u0430\u043a\u0435\u0442\u043e\u0432;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442).\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018\nhttps://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e\nhttps://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r\n\n\u0414\u043b\u044f \u0418\u0412\u041a \u041a\u043e\u043b\u044c\u0447\u0443\u0433\u0430-\u041a (\u041b\u041a\u041d\u0412.466217.002):\nhttps://ivk.ru/produktsiya/obnovleniya-bezopasnosti/detail/obnovlenie-bezopasnosti-no-06112025.it.me.a4.pz/\n\n\u0414\u043b\u044f \u041e\u041e\u041e \u00ab\u0410-\u0420\u0435\u0430\u043b \u041a\u043e\u043d\u0441\u0430\u043b\u0442\u0438\u043d\u0433\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 12.0.3 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435\n\n\u0414\u043b\u044f \u0421-\u0422\u0435\u0440\u0440\u0430 \u0421\u041e\u0412:\nhttp://s-terra.ru/upload/iblock/b87/tiiv6uhg7prlypdp67yz71boau2x9cxh/website-vulns_ids_29102025.pdf\n\n\u0414\u043b\u044f \u041e\u041e\u041e \"\u0418\u043d\u0444\u043e\u0412\u0430\u0442\u0447 \u0410\u0420\u041c\u0410\":\n- \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043d\u0430 \u041f\u041a \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u043b Suricata, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u0445 SYN Flood;\n- \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u043b Suricata \u043f\u0440\u0430\u0432\u0438\u043b, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.09.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.01.2026",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "03.10.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-12460",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-59147",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Suricata, \u041c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u044d\u043a\u0440\u0430\u043d \"Ideco UTM\", \u0418\u0412\u041a \u041a\u043e\u043b\u044c\u0447\u0443\u0433\u0430-\u041a (\u041b\u041a\u041d\u0412.466217.002), \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u044d\u043a\u0440\u0430\u043d \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u041a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0421\u0435\u0440\u0432\u0435\u0440 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116322), \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441 \u00ab\u0421-\u0422\u0435\u0440\u0440\u0430 \u0421\u041e\u0412\u00bb, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441 \u00abInfoWatch ARMA Industrial Firewall\u00bb",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 Suricata, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 (CWE-358)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 Suricata \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 SYN-\u043f\u0430\u043a\u0435\u0442\u043e\u0432",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0417\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018\nhttps://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e\nhttps://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r\nhttps://ivk.ru/produktsiya/obnovleniya-bezopasnosti/detail/obnovlenie-bezopasnosti-no-06112025.it.me.a4.pz/\nhttp://s-terra.ru/upload/iblock/b87/tiiv6uhg7prlypdp67yz71boau2x9cxh/website-vulns_ids_29102025.pdf",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-358",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
FKIE_CVE-2025-59147
Vulnerability from fkie_nvd - Published: 2025-10-01 20:18 - Updated: 2025-10-06 16:59
Severity
Summary
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers within the same flow tuple, which can cause Suricata to fail to pick up the TCP session. In IDS mode this can lead to a detection and logging bypass. In IPS mode this will lead to the flow getting blocked. This issue is fixed in versions 7.0.12 and 8.0.1.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C7EA7-5925-4C2B-815B-13F87DDB3F9C",
"versionEndExcluding": "7.0.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:8.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "016370F6-3404-4F20-ABED-C0D23AC7D1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:8.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "2C51F6B1-2B23-4C24-9B69-DA71597628C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:8.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "722B8967-EC47-43AF-AB71-4F7487780CED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers within the same flow tuple, which can cause Suricata to fail to pick up the TCP session. In IDS mode this can lead to a detection and logging bypass. In IPS mode this will lead to the flow getting blocked. This issue is fixed in versions 7.0.12 and 8.0.1."
}
],
"id": "CVE-2025-59147",
"lastModified": "2025-10-06T16:59:06.083",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2025-10-01T20:18:38.267",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/OISF/suricata/commit/be6315dba0d9101b11d16e9dacfe2822b3792f1b"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/OISF/suricata/commit/e91b03c90385db15e21cf1a0e85b921bf92b039e"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/OISF/suricata/security/advisories/GHSA-v8hv-6v7x-4c2r"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-358"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
OPENSUSE-SU-2025:15592-1
Vulnerability from csaf_opensuse - Published: 2025-10-01 00:00 - Updated: 2025-10-01 00:00Summary
libsuricata8_0_1-8.0.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: libsuricata8_0_1-8.0.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the libsuricata8_0_1-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15592
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libsuricata8_0_1-8.0.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libsuricata8_0_1-8.0.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15592",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15592-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59150/"
}
],
"title": "libsuricata8_0_1-8.0.1-1.1 on GA media",
"tracking": {
"current_release_date": "2025-10-01T00:00:00Z",
"generator": {
"date": "2025-10-01T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15592-1",
"initial_release_date": "2025-10-01T00:00:00Z",
"revision_history": [
{
"date": "2025-10-01T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libsuricata8_0_1-8.0.1-1.1.aarch64",
"product": {
"name": "libsuricata8_0_1-8.0.1-1.1.aarch64",
"product_id": "libsuricata8_0_1-8.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "suricata-8.0.1-1.1.aarch64",
"product": {
"name": "suricata-8.0.1-1.1.aarch64",
"product_id": "suricata-8.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "suricata-devel-8.0.1-1.1.aarch64",
"product": {
"name": "suricata-devel-8.0.1-1.1.aarch64",
"product_id": "suricata-devel-8.0.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libsuricata8_0_1-8.0.1-1.1.ppc64le",
"product": {
"name": "libsuricata8_0_1-8.0.1-1.1.ppc64le",
"product_id": "libsuricata8_0_1-8.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "suricata-8.0.1-1.1.ppc64le",
"product": {
"name": "suricata-8.0.1-1.1.ppc64le",
"product_id": "suricata-8.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "suricata-devel-8.0.1-1.1.ppc64le",
"product": {
"name": "suricata-devel-8.0.1-1.1.ppc64le",
"product_id": "suricata-devel-8.0.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libsuricata8_0_1-8.0.1-1.1.s390x",
"product": {
"name": "libsuricata8_0_1-8.0.1-1.1.s390x",
"product_id": "libsuricata8_0_1-8.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "suricata-8.0.1-1.1.s390x",
"product": {
"name": "suricata-8.0.1-1.1.s390x",
"product_id": "suricata-8.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "suricata-devel-8.0.1-1.1.s390x",
"product": {
"name": "suricata-devel-8.0.1-1.1.s390x",
"product_id": "suricata-devel-8.0.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libsuricata8_0_1-8.0.1-1.1.x86_64",
"product": {
"name": "libsuricata8_0_1-8.0.1-1.1.x86_64",
"product_id": "libsuricata8_0_1-8.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "suricata-8.0.1-1.1.x86_64",
"product": {
"name": "suricata-8.0.1-1.1.x86_64",
"product_id": "suricata-8.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "suricata-devel-8.0.1-1.1.x86_64",
"product": {
"name": "suricata-devel-8.0.1-1.1.x86_64",
"product_id": "suricata-devel-8.0.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libsuricata8_0_1-8.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64"
},
"product_reference": "libsuricata8_0_1-8.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsuricata8_0_1-8.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le"
},
"product_reference": "libsuricata8_0_1-8.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsuricata8_0_1-8.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x"
},
"product_reference": "libsuricata8_0_1-8.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libsuricata8_0_1-8.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64"
},
"product_reference": "libsuricata8_0_1-8.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suricata-8.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64"
},
"product_reference": "suricata-8.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suricata-8.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le"
},
"product_reference": "suricata-8.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suricata-8.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x"
},
"product_reference": "suricata-8.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suricata-8.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64"
},
"product_reference": "suricata-8.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suricata-devel-8.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64"
},
"product_reference": "suricata-devel-8.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suricata-devel-8.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le"
},
"product_reference": "suricata-devel-8.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suricata-devel-8.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x"
},
"product_reference": "suricata-devel-8.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "suricata-devel-8.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
},
"product_reference": "suricata-devel-8.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59147"
}
],
"notes": [
{
"category": "general",
"text": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers within the same flow tuple, which can cause Suricata to fail to pick up the TCP session. In IDS mode this can lead to a detection and logging bypass. In IPS mode this will lead to the flow getting blocked. This issue is fixed in versions 7.0.12 and 8.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59147",
"url": "https://www.suse.com/security/cve/CVE-2025-59147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-01T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59147"
},
{
"cve": "CVE-2025-59148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59148"
}
],
"notes": [
{
"category": "general",
"text": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a \"sticky\" buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59148",
"url": "https://www.suse.com/security/cve/CVE-2025-59148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-01T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59148"
},
{
"cve": "CVE-2025-59149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59149"
}
],
"notes": [
{
"category": "general",
"text": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type (which is long) with transforms can lead to a stack buffer overflow during Suricata startup or during a rule reload. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules with ldap.responses.attribute_type and transforms.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59149",
"url": "https://www.suse.com/security/cve/CVE-2025-59149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-01T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-59149"
},
{
"cve": "CVE-2025-59150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59150"
}
],
"notes": [
{
"category": "general",
"text": "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Version 8.0.0\u0027s usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59150",
"url": "https://www.suse.com/security/cve/CVE-2025-59150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-8.0.1-1.1.x86_64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.aarch64",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.s390x",
"openSUSE Tumbleweed:suricata-devel-8.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-01T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59150"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…