CVE Details
Basic Information
| Title | LibHTP’s memory leak with lzma can lead to resource starvation |
|---|---|
| Type | cve |
| Published | 2025-07-23T20:35:30.824Z |
| Modified | 2025-07-23T20:48:59.864Z |
Product Information
| Vendor | OISF |
|---|---|
| Product | libhtp |
| Version | < 0.5.51 |
CVSS Information
| Base Score | 7.5 (HIGH) |
|---|---|
| Vector String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
AI Analysis
| AI Description | A memory leak in LibHTP versions 0.5.50 and below can cause resource starvation due to improper handling of lzma-enabled configurations. This can lead to loss of visibility and is fixed in version 0.5.51. |
|---|---|
| AI Severity | High |
| AI Vendor | OISF |
| AI Product | LibHTP |
| AI Version | < 0.5.51 |
Affected Products
- OISF libhtp < 0.5.51
Additional Information
| CWE List | CWE-401 |
|---|---|
| Source | GitHub_M |
Description
LibHTP is a security-aware parser for the HTTP protocol and its related bits and pieces. In versions 0.5.50 and below, there is a traffic-induced memory leak that can starve the process of memory, leading to loss of visibility. To work around this issue, set `app-layer.protocols.http.libhtp.default-config.lzma-enabled` to false in `suricata.yaml`. This issue is fixed in version 0.5.51.