Unrated severityOSV Advisory· Published Jan 27, 2026· Updated Jan 28, 2026
Suricata detect/alert: heap-use-after-free on alert queue expansion
CVE-2026-22264
Description
Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run untrusted rulesets or run with less than 65536 signatures that can match on the same packet.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/OISF/suricata/commit/549d7bf60616de8e54686a188196453b5b22f715mitrex_refsource_MISC
- github.com/OISF/suricata/commit/5789a3d3760dbf33d93fc56c27bd9529e5bdc8f2mitrex_refsource_MISC
- github.com/OISF/suricata/commit/ac1eb394181530430fb7262969f423a1bf8f209bmitrex_refsource_MISC
- github.com/OISF/suricata/security/advisories/GHSA-mqr8-m3m4-2hw5mitrex_refsource_CONFIRM
- redmine.openinfosecfoundation.org/issues/8190mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.