Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.

INFO

Published Date :

2025-11-26T22:39:23.203Z

Last Modified :

2025-12-12T15:13:01.395Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-64335 vulnerability.

Vendors Products
Oisf
  • Suricata
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-64335.

URL Resource
https://github.com/OISF/suricata/commit/c935f08cd988600fd0a4f828a585b181dd5de012 cve-icon cve-icon
https://github.com/OISF/suricata/security/advisories/GHSA-v299-h7p3-q4f2 cve-icon cve-icon
https://www.vicarius.io/vsociety/posts/cve-2025-64335-detect-suricata-vulnerability cve-icon
https://www.vicarius.io/vsociety/posts/cve-2025-64335-mitigate-suricata-vulnerability cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact