CVE-2026-31932

Suricata krb5: quadratic complexity in krb5 buffering

CVSS 7.5 HIGHEPSS 0.3%CWE-407

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

OISF · suricata

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/OISF/suricata/security/advisories/GHSA-rp9m-jcpw-hggr https://redmine.openinfosecfoundation.org/issues/8305