| Name | CVE-2025-29916 |
| Description | datasets: hashsize setting via rules can cause high memory usage |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| suricata (PTS) | bullseye | 1:6.0.1-3 | vulnerable |
| bookworm | 1:6.0.10-1 | vulnerable |
| sid, trixie | 1:7.0.9-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| suricata | source | (unstable) | 1:7.0.9-1 | | | |
Notes
[bookworm] - suricata <no-dsa> (Minor issue)
Fixed by: https://github.com/OISF/suricata/commit/d32a39ca4b53d7f659f4f0a2a5c162ef97dc4797 (master)
Fixed by: https://github.com/OISF/suricata/commit/a7713db709b8a0be5fc5e5809ab58e9b14a16e85 (master)
Fixed by: https://github.com/OISF/suricata/commit/2f432c99a9734ea3a75c9218f35060e11a7a39ad (suricata-7.0.9)
Fixed by: https://github.com/OISF/suricata/commit/e28c8c655a324a18932655a2c2b8f0d5aa1c55d7 (suricata-7.0.9)
Fixed by: https://github.com/OISF/suricata/commit/d86c5f9f0c75736d4fce93e27c0773fcb27e1047 (suricata-7.0.9)