Moderate severityGHSA Advisory· Published Dec 18, 2025· Updated Dec 19, 2025
Filebeat Improper Validation of Specified Index, Position, or Offset in Input
CVE-2025-68383
Description
Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/crash) of the Filebeat process via either a malformed Syslog message or a malicious tokenizer pattern in the Dissect configuration.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/elastic/beats/v7Go | >= 7.7.0, < 8.19.9 | 8.19.9 |
github.com/elastic/beats/v7Go | >= 9.0.0, < 9.1.9 | 9.1.9 |
github.com/elastic/beats/v7Go | >= 9.2.0, < 9.2.3 | 9.2.3 |
github.com/elastic/beats/v7Go | < 7.0.0-alpha2.0.20251204214633-dd3af18220bf | 7.0.0-alpha2.0.20251204214633-dd3af18220bf |
github.com/elastic/beatsGo | <= 7.6.2 | — |
Affected products
80- Range: <= 7.6.2
- osv-coords79 versionspkg:apk/chainguard/agentbeatpkg:apk/chainguard/agentbeat-fipspkg:apk/chainguard/apm-server-8.19pkg:apk/chainguard/apm-server-9.2pkg:apk/chainguard/apm-server-9.2-compatpkg:apk/chainguard/apm-server-fips-8.19pkg:apk/chainguard/apm-server-fips-9.2pkg:apk/chainguard/apm-server-fips-9.2-compatpkg:apk/chainguard/auditbeat-8.19pkg:apk/chainguard/auditbeat-8.19-oci-entrypointpkg:apk/chainguard/auditbeat-9.1pkg:apk/chainguard/auditbeat-9.1-oci-entrypointpkg:apk/chainguard/auditbeat-9.2pkg:apk/chainguard/auditbeat-9.2-oci-entrypointpkg:apk/chainguard/auditbeat-9.3pkg:apk/chainguard/auditbeat-9.4pkg:apk/chainguard/auditbeat-fips-8.19pkg:apk/chainguard/auditbeat-fips-9.1pkg:apk/chainguard/auditbeat-fips-9.2pkg:apk/chainguard/auditbeat-fips-9.3pkg:apk/chainguard/auditbeat-fips-9.4pkg:apk/chainguard/beats-8.19pkg:apk/chainguard/beats-9.1pkg:apk/chainguard/beats-9.2pkg:apk/chainguard/beats-fips-8.19pkg:apk/chainguard/beats-fips-9.1pkg:apk/chainguard/beats-fips-9.2pkg:apk/chainguard/cloudbeat-8.19pkg:apk/chainguard/cloudbeat-9.2pkg:apk/chainguard/cloudbeat-9.3pkg:apk/chainguard/cloudbeat-fips-8.19pkg:apk/chainguard/cloudbeat-fips-9.2pkg:apk/chainguard/cloudbeat-fips-9.3pkg:apk/chainguard/elastic-agentpkg:apk/chainguard/filebeat-8.19pkg:apk/chainguard/filebeat-8.19-oci-entrypointpkg:apk/chainguard/filebeat-9.1pkg:apk/chainguard/filebeat-9.1-oci-entrypointpkg:apk/chainguard/filebeat-9.2pkg:apk/chainguard/filebeat-9.2-oci-entrypointpkg:apk/chainguard/filebeat-9.3pkg:apk/chainguard/filebeat-9.4pkg:apk/chainguard/filebeat-fips-8.19pkg:apk/chainguard/filebeat-fips-9.1pkg:apk/chainguard/filebeat-fips-9.2pkg:apk/chainguard/filebeat-fips-9.3pkg:apk/chainguard/filebeat-fips-9.4pkg:apk/chainguard/heartbeat-8.19pkg:apk/chainguard/heartbeat-8.19-oci-entrypointpkg:apk/chainguard/heartbeat-9.1pkg:apk/chainguard/heartbeat-9.1-oci-entrypointpkg:apk/chainguard/heartbeat-9.2pkg:apk/chainguard/heartbeat-9.2-oci-entrypointpkg:apk/chainguard/heartbeat-9.3pkg:apk/chainguard/heartbeat-9.4pkg:apk/chainguard/heartbeat-fips-8.19pkg:apk/chainguard/heartbeat-fips-8.19-oci-entrypointpkg:apk/chainguard/heartbeat-fips-9.1pkg:apk/chainguard/heartbeat-fips-9.1-oci-entrypointpkg:apk/chainguard/heartbeat-fips-9.2pkg:apk/chainguard/heartbeat-fips-9.2-oci-entrypointpkg:apk/chainguard/heartbeat-fips-9.3pkg:apk/chainguard/heartbeat-fips-9.4pkg:apk/chainguard/metricbeat-8.19pkg:apk/chainguard/metricbeat-8.19-oci-entrypointpkg:apk/chainguard/metricbeat-9.1pkg:apk/chainguard/metricbeat-9.1-oci-entrypointpkg:apk/chainguard/metricbeat-9.2pkg:apk/chainguard/metricbeat-9.2-oci-entrypointpkg:apk/chainguard/metricbeat-9.3pkg:apk/chainguard/metricbeat-9.4pkg:apk/chainguard/metricbeat-fips-8.19pkg:apk/chainguard/metricbeat-fips-9.1pkg:apk/chainguard/metricbeat-fips-9.2pkg:apk/chainguard/metricbeat-fips-9.3pkg:apk/chainguard/metricbeat-fips-9.4pkg:golang/github.com/elastic/beatspkg:golang/github.com/elastic/beats/v7pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6
< 0+ 78 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 8.19.11-r0
- (no CPE)range: < 9.2.3-r1
- (no CPE)range: < 9.2.3-r1
- (no CPE)range: < 8.19.11-r0
- (no CPE)range: < 9.2.3-r1
- (no CPE)range: < 9.2.3-r1
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.2-r2
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.1-r4
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 8.19.12-r0
- (no CPE)range: < 9.2.6-r0
- (no CPE)range: < 9.3.1-r0
- (no CPE)range: < 8.19.12-r0
- (no CPE)range: < 9.2.6-r0
- (no CPE)range: < 9.3.0-r2
- (no CPE)range: < 9.2.3-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.2-r2
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.1-r4
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.2-r2
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.1-r4
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.2-r2
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 9.4.1-r4
- (no CPE)range: <= 7.6.2
- (no CPE)range: >= 7.7.0, < 8.19.9
- (no CPE)range: < 0.0.20260123T022811-150000.1.140.1
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-2mj3-6grc-px38ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-68383ghsaADVISORY
- discuss.elastic.co/t/filebeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-32/384180ghsaWEB
- github.com/elastic/beats/commit/27a168fb1c598d4a16748e9a7382bc0d197335a5ghsaWEB
- github.com/elastic/beats/commit/2f971a057eea68e057b47829950cd8c26805df30ghsaWEB
- github.com/elastic/beats/commit/339fa3f887a14c91e0c955b50a3b8819393bd632ghsaWEB
News mentions
0No linked articles in our index yet.