CVE-2025-64334

Suricata is vulnerable to unbounded memory growth for decompression

CVSS 7.5 HIGHEPSS 0.3%CWE-770

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.5EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

26 Nov 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2. A workaround involves disabling LZMA decompression or limiting response-body-limit size.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

OISF · suricata

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/OISF/suricata/commit/00f04daa3a44928dfdd0003cb9735469272c94a1 https://github.com/OISF/suricata/security/advisories/GHSA-r5jf-v2gx-gx8w