
Ubuntu: 7431-1 moderate: HAProxy denial of service risk

April 10, 2025
A critical HAProxy flaw might result in service interruptions or unauthorized execution, necessitating swift patches for Ubuntu installations.

Summary

HAProxy could be made to crash or run programs if it received specially crafted network traffic.

Software Description:

- haproxy: fast and reliable load balancing reverse proxy

Details:

Aleandro Prudenzano and Edoardo Geraci discovered that HAProxy incorrectly handled certain uncommon configurations that replace multiple short patterns with a longer one. A remote attacker could use this issue to cause HAProxy to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   haproxy                         2.9.10-1ubuntu1.2

Ubuntu 24.04 LTS
   haproxy                         2.8.5-1ubuntu3.3

Ubuntu 22.04 LTS
   haproxy                         2.4.24-0ubuntu0.22.04.2

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7431-1

CVE-2025-32464

Severity
important

Ubuntu Security Notice USN-7431-1
