Description

Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, a flood of crafted HTTP2 continuation frames can lead to memory exhaustion, usually resulting in the Suricata process being shut down by the operating system. This issue has been patched in versions 7.0.15 and 8.0.4.

PUBLISHED Reserved 2026-03-10 | Published 2026-04-02 | Updated 2026-04-02 | Assigner GitHub_M




HIGH: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Problem types

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

Product status

< 7.0.15: affected

>= 8.0.0, < 8.0.4: affected

References

github.com/...ricata/security/advisories/GHSA-vxrp-5pg7-7v4x

redmine.openinfosecfoundation.org/issues/8289

cve.org (CVE-2026-31935)

nvd.nist.gov (CVE-2026-31935)
