DescriptionIn Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
suricata (PTS)bullseye1:6.0.1-3vulnerable
sid, trixie1:7.0.6-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs


[bookworm] - suricata <no-dsa> (Minor issue)
[bullseye] - suricata <no-dsa> (Minor issue)
[buster] - suricata <no-dsa> (Minor issue)

Search for package or bug name: Reporting problems