CVE-2025-59148 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-59148 Interim 1 1 2025-10-04T23:13:31Z current 2025-10-04T23:13:31Z 2025-10-04T23:13:31Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-59148 Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed libsuricata8_0_1-8.0.1-1.1 suricata-8.0.1-1.1 suricata-devel-8.0.1-1.1 libsuricata8_0_1-8.0.1-1.1 as a component of openSUSE Tumbleweed suricata-8.0.1-1.1 as a component of openSUSE Tumbleweed suricata-devel-8.0.1-1.1 as a component of openSUSE Tumbleweed Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed in version 8.0.1. To workaround this issue, users can disable rules using the entropy keyword, or validate they are anchored to a sticky buffer. CVE-2025-59148 openSUSE Tumbleweed:libsuricata8_0_1-8.0.1-1.1 openSUSE Tumbleweed:suricata-8.0.1-1.1 openSUSE Tumbleweed:suricata-devel-8.0.1-1.1 important