References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack buffer is used to prepare the data. Prior to versions 8.0.3 and 7.0.14, if the data in the dataset is too large, this can result in a stack overflow. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not use rules with datasets `save` nor `state` options.

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121

https://github.com/OISF/suricata/commit/0eff24213763c2aa2bb0957901d5dc1e18414dbf

https://github.com/OISF/suricata/commit/27a2180bceaa3477419c78c54fce364398d011f1

https://github.com/OISF/suricata/commit/32609e6896f9079c175665a94005417cec7637eb

https://github.com/OISF/suricata/commit/32a1b9ae6aa80a60c073897e38a2ac6ea0f64521

https://github.com/OISF/suricata/commit/d6bc718e303ecbec5999066b8bc88eeeca743658

https://github.com/OISF/suricata/commit/d767dfadcd166f82683757818b9e46943326ac90

https://github.com/OISF/suricata/security/advisories/GHSA-9qg5-2gwh-xp86

https://redmine.openinfosecfoundation.org/issues/8110