DEBIAN-CVE-2025-29918

DEBIAN-CVE-2025-29918 PUBLISHED CVSS 5.5 MEDIUM

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability in inline mode. This vulnerability is fixed in 7.0.9.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	suricata	0, 0
Debian:11	suricata	0, *, 0
Debian:12	suricata	, , *
Debian:14	suricata	0, 0

Timeline

Apr 10, 2025 CVE Published
May 16, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-29918 advisory

Open in Interactive Console →