CVE-2025-29918: Suricata pcre: negated pcre can cause infinite loop

6.2 CVSS

Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. The packet processing thread becomes stuck in an infinite loop, limiting visibility and availability in inline mode. This vulnerability is fixed in 7.0.9.

Classification

CVE ID: CVE-2025-29918

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.2

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem Types

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

Affected Products

Vendor: OISF

Product: suricata

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 4.6% (share of scored vulnerabilities with an equal or lower score)

EPSS Date: 2025-04-20 (date this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-29918
https://github.com/OISF/suricata/security/advisories/GHSA-924c-vvm5-9mqx
https://github.com/OISF/suricata/commit/b14c67cbdf25fa6c7ffe0d04ddf3ebe67b12b50b
https://redmine.openinfosecfoundation.org/issues/7526

Timeline