CVE-2026-22258

EPSS 0.05%
Veröffentlicht 27.01.2026 16:17:29
Zuletzt bearbeitet 30.01.2026 20:09:24
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB are also vulnerable. DCERPC/TCP in the default configuration should not be vulnerable as the default stream depth is limited to 1MiB. Versions 8.0.3 and 7.0.14 contain a patch. Some workarounds are available. For DCERPC/UDP, disable the parser. For DCERPC/TCP, the `stream.reassembly.depth` setting will limit the amount of data that can be buffered. For DCERPC/SMB, the `stream.reassembly.depth` can be used as well, but is set to unlimited by default. Imposing a limit here may lead to loss of visibility in SMB.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oisf ≫ Suricata Version < 7.0.14

Oisf ≫ Suricata Version >= 8.0.0 < 8.0.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.148

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

https://github.com/OISF/suricata/security/advisories/GHSA-289c-h599-3xcx

Patch

Vendor Advisory

https://github.com/OISF/suricata/commit/39d8c302af3422a096b75474a4f295a754ec6a74

Patch

https://github.com/OISF/suricata/commit/f82a388d0283725cb76782cf64e8341cab370830

Patch

https://redmine.openinfosecfoundation.org/issues/8182

Issue Tracking

Permissions Required

https://nvd.nist.gov/vuln/detail/CVE-2026-22258

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-22258

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-22258

EUVD