{
  "threat_severity" : "Important",
  "public_date" : "2025-11-26T22:57:02Z",
  "bugzilla" : {
    "description" : "Suricata: Suricata: Stack Overflow Vulnerability via Large HTTP Content Type Logging",
    "id" : "2417395",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2417395"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-121",
  "details" : [ "Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged can cause a stack overflow crashing Suricata. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves limiting stream.reassembly.depth to less then half the stack size. Increasing the process stack size makes it less likely the bug will trigger.", "A flaw was found in Suricata. This vulnerability allows a stack overflow, leading to a crash, via a large HTTP (Hypertext Transfer Protocol) content type when logged." ],
  "statement" : "The vulnerability in Suricata allows a remote attacker to cause a denial of service by sending a crafted HTTP request with a large content type, leading to a stack overflow and application crash. The highest threat is to system availability.",
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-64333\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-64333\nhttps://github.com/OISF/suricata/security/advisories/GHSA-537h-xxmx-v87m" ],
  "name" : "CVE-2025-64333",
  "csaw" : false
}