Unrated severityNVD Advisory· Published Oct 1, 2025· Updated Oct 23, 2025
Suricata: Keyword tls.subjectaltname can lead to NULL-ptr deref
CVE-2025-59150
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed in version 8.0.1. To workaround this issue, disable rules using the tls.subjectaltname keyword.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
4- forum.suricata.io/t/suricata-8-0-1-and-7-0-12-released/6018mitrex_refsource_MISC
- github.com/OISF/suricata/commit/d590fdfe42e995fd558315f0c24f9a352e21479dmitrex_refsource_MISC
- github.com/OISF/suricata/security/advisories/GHSA-mhv7-qfmj-m3f3mitrex_refsource_CONFIRM
- redmine.openinfosecfoundation.org/issues/7881mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.