15225 – [CVE 21] suricata 6.0.20 CVEs found

Bug 15225 - [CVE 21] suricata 6.0.20 CVEs found

Summary: [CVE 21] suricata 6.0.20 CVEs found

Status:	RESOLVED DUPLICATE of bug 15222

Alias:	None

Product:	ROSA Fresh
Classification:	ROSA-based products
Component:	Packages from Main (show other bugs)
Version:	All
Hardware:	All Linux

Importance:	Normal normal
Target Milestone:	---
Assignee:	ROSA Linux Bugs

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2025-06-03 22:25 MSK by alexei_safin
Modified:	2025-06-04 06:28 MSK (History)
CC List:	1 user (show)

See Also:
Platform:	2021.1
ROSA Vulnerability identifier:
RPM Package:
Upstream:

Flags:	a.safin: secteam_verified?

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description alexei_safin 2025-06-03 22:25:21 MSK

Описание CVE: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability in inline mode. This vulnerability is fixed in 7.0.9.

CVE ID: CVE-2025-29918
Пакет: suricata
Версия: 6.0.20
CVSS: None
Impact Score: None
Exploitability Score: None
CVSS v3: 6.2
Impact Score v3: 3.6
Exploitability Score v3: 2.5
Ссылка на NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-29918
Ссылка на CVE Search: http://158.255.4.149:17563/api/cve/CVE-2025-29918

Comment 1 Aleksandr Proklov 2025-06-04 06:28:57 MSK


*** This bug has been marked as a duplicate of bug 15222 ***