Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 24.04: LibHTP Important DoS Issues CVE-2025-53537 USN-7814-1

ubuntu
Calendar Grey October 9, 2025
Dist Ubuntu Esm H88
Several security issues in LibHTP can lead to multiple denial-of-service attacks for Ubuntu users.
Several security issues were fixed in LibHTP.

Summary

Several security issues were fixed in LibHTP.

Software Description:

- libhtp: Security-aware parser for the HTTP protocol

Details:

It was discovered that LibHTP did not correctly handle certain HTTP

headers. A remote attacker could possibly use this issue to cause a denial

of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,

Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-23837)

It was discovered that LibHTP did not correctly parse certain HTTP

requests. A remote attacker could possibly use this issue to cause a

denial of service. This issue only affected Ubuntu 20.04 LTS,

Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-28871)

It was discovered that LibHTP did not correctly parse certain HTTP

requests. A remote attacker could possibly use this issue to cause a

denial of service. (CVE-2024-45797)

It was discovered that LibHTP did not correctly handle certain memory

operations. A remote attacker could possibly use this issue to cause a

denial of service. T...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  libhtp-dev                      1:0.5.49-1ubuntu0.1
  libhtp2                         1:0.5.49-1ubuntu0.1

Ubuntu 24.04 LTS
  libhtp-dev                      1:0.5.46-1ubuntu2+esm1
                                  Available with Ubuntu Pro
  libhtp2                         1:0.5.46-1ubuntu2+esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libhtp-dev                      1:0.5.39-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libhtp2                         1:0.5.39-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  libhtp-dev                      1:0.5.32-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libhtp2                         1:0.5.32-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libhtp-dev                      1:0.5.26-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libhtp2                         1:0.5.26-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libhtp-dev                      0.5.15-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libhtp1                         0.5.15-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7814-1

CVE-2024-23837, CVE-2024-28871, CVE-2024-45797, CVE-2025-53537

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7814-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here