Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Ubuntu 25.04: 7431-2 critical: HAProxy denial of service

Calendar Apr 23, 2025 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service Ubuntu arbitrary code network traffic HAProxy
HAProxy could be made to crash or run programs if it received specially crafted network traffic. 
==========================================================================
Ubuntu Security Notice USN-7431-2
April 23, 2025

haproxy vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04

Summary:

HAProxy could be made to crash or run programs if it received specially
crafted network traffic.

Software Description:
- haproxy: fast and reliable load balancing reverse proxy

Details:

USN-7431-1 fixed a vulnerability in HAProxy. This update provides the
corresponding update for Ubuntu 25.04.

Original advisory details:

  Aleandro Prudenzano and Edoardo Geraci discovered that HAProxy incorrectly
  handled certain uncommon configurations that replace multiple short
  patterns with a longer one. A remote attacker could use this issue to
  cause HAProxy to crash, resulting in a denial of service, or possibly
  execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
   haproxy                         3.0.8-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-7431-2
   https://ubuntu.com/security/notices/USN-7431-1
   CVE-2025-32464

Package Information:
   https://launchpad.net/ubuntu/+source/haproxy/3.0.8-1ubuntu1.1

Ubuntu 25.04: 7431-2 critical: HAProxy denial of service

ubuntu
Calendar Grey April 23, 2025
Dist Ubuntu Esm H88
A security flaw in HAProxy for Ubuntu 25.04 may allow attackers to induce crashes or run unregulated code via specially crafted requests.
HAProxy could be made to crash or run programs if it received specially crafted network traffic.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 Summary: HAProxy could be made to crash or run programs if it received specially crafted network traffic. Software Description: - haproxy: fast and reliable load balancing reverse proxy Details: USN-7431-1 fixed a vulnerability in HAProxy. This update provides the corresponding update for Ubuntu 25.04. Original advisory details: Aleandro Prudenzano and Edoardo Geraci discovered that HAProxy incorrectly handled certain uncommon configurations that replace multiple short patterns with a longer one. A remote attacker could use this issue to cause HAProxy to crash, resulting in a denial of service, or possibly execute arbitrary code.

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu arbitrary code network traffic HAProxy

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 haproxy 3.0.8-1ubuntu1.1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7431-2

https://ubuntu.com/security/notices/USN-7431-1

CVE-2025-32464

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7431-2

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu arbitrary code network traffic HAProxy

Package Information

https://launchpad.net/ubuntu/+source/haproxy/3.0.8-1ubuntu1.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here