7.5
Suricata may crash if attacked with crafted HTTP2 frames
DEBIAN-CVE-2026-31935
Summary
Suricata, a network security tool, can be taken down by a flood of crafted HTTP2 continuation frames that exhausts its memory. While the process is down, it cannot detect or prevent other threats. Update to version 7.0.15 or 8.0.4 to protect your system.
What to do
- Update the Debian suricata package to version 1:8.0.4-1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| debian | suricata | All versions | – |
| debian | suricata | All versions | – |
| debian | suricata | All versions | – |
| debian | suricata | <= 1:8.0.4-1 | 1:8.0.4-1 |
Original title
Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, flooding of crafted HTTP2 continuation frames can lead to memory exhaustion, usually resulting in the Suricata proce...
Original description
Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, flooding of crafted HTTP2 continuation frames can lead to memory exhaustion, usually resulting in the Suricata process being shut down by the operating system. This issue has been patched in versions 7.0.15 and 8.0.4.
- https://security-tracker.debian.org/tracker/CVE-2026-31935 (Vendor Advisory)
Published: 2 Apr 2026 · Updated: 3 Apr 2026 · First seen: 3 Apr 2026