Project

General

Profile

Known issues

Known issues as of 3.0RC1.

Open Issues

CUDA

The CUDA pattern scanning support is broken. We're looking for volunteers to fix it. It may get removed if no one steps up.

PCRE

A known broken PCRE version based on libpcre 8.35 contains a stack corruption bug. This leads to risk of crashes with certain rules + certain traffic. https://redmine.openinfosecfoundation.org/issues/1693
To address this we have disabled PCRE JIT on that pcre version.

Recommended solution is to install your own libpcre version for those distros that have only version 8.35

Example(extra info) - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819050

NFQ+bridge

Using NFQ on a bridge is known to be problematic. As far as we know this is a kernel/netfilter issue that we can't fix in user space.

If you need to run Suricata as a bridge you can use AF_PACKET or NETMAP instead.

See for example: #2188 #2135

Other issues

We track issues in our Redmine installation at https://redmine.openinfosecfoundation.org/projects/suricata/issues