Bug 15225

Summary: [CVE 21] suricata 6.0.20 CVEs found
Product: [ROSA-based products] ROSA Fresh Reporter: alexei_safin <a.safin>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: RESOLVED DUPLICATE    
Severity: normal CC: a.proklov
Priority: Normal Flags: a.safin: secteam_verified?
Version: All   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: 2021.1 ROSA Vulnerability identifier:
RPM Package: Upstream:

Description alexei_safin 2025-06-03 22:25:21 MSK 
Описание CVE: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability in inline mode. This vulnerability is fixed in 7.0.9.

CVE ID: CVE-2025-29918
Пакет: suricata
Версия: 6.0.20
CVSS: None
Impact Score: None
Exploitability Score: None
CVSS v3: 6.2
Impact Score v3: 3.6
Exploitability Score v3: 2.5
Ссылка на NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-29918
Ссылка на CVE Search: http://158.255.4.149:17563/api/cve/CVE-2025-29918
Comment 1 Aleksandr Proklov 2025-06-04 06:28:57 MSK 

*** This bug has been marked as a duplicate of bug 15222 ***