Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Ubuntu 25.10 Valkey Critical Issues CVE-2025-67733 CVE-2026-21863

Calendar Mar 18, 2026 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu valkey information injection
Several security issues were fixed in Valkey. 
==========================================================================
Ubuntu Security Notice USN-8106-1
March 18, 2026

valkey vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in Valkey.

Software Description:
- valkey: Persistent key-value database with network interface

Details:

It was discovered that Valkey incorrectly handled errors for lua scripts.
An attacker could possibly use this issue to inject arbitrary information
into the response stream for other clients. (CVE-2025-67733)

It was discovered that Valkey incorrectly handled malformed cluster bus
messages. A remote attacker could possibly use this issue to cause Valkey
to crash, resulting in a denial of service. (CVE-2026-21863)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  valkey-server                   8.1.6+dfsg1-0ubuntu0.1

Ubuntu 24.04 LTS
  valkey-server                   7.2.12+dfsg1-0ubuntu0.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-8106-1
  CVE-2025-67733, CVE-2026-21863

Package Information:
  https://launchpad.net/ubuntu/+source/valkey/8.1.6+dfsg1-0ubuntu0.1
  https://launchpad.net/ubuntu/+source/valkey/7.2.12+dfsg1-0ubuntu0.1

Ubuntu 25.10 Valkey Critical Issues CVE-2025-67733 CVE-2026-21863

ubuntu
Calendar Grey March 18, 2026
Dist Ubuntu Esm H88
Valkey's latest advisory details critical issues that may affect Ubuntu users. Timely updates are recommended for protection.
Several security issues were fixed in Valkey.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS Summary: Several security issues were fixed in Valkey. Software Description: - valkey: Persistent key-value database with network interface Details: It was discovered that Valkey incorrectly handled errors for lua scripts. An attacker could possibly use this issue to inject arbitrary information into the response stream for other clients. (CVE-2025-67733) It was discovered that Valkey incorrectly handled malformed cluster bus messages. A remote attacker could possibly use this issue to cause Valkey to crash, resulting in a denial of service. (CVE-2026-21863)

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu valkey information injection

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 valkey-server 8.1.6+dfsg1-0ubuntu0.1 Ubuntu 24.04 LTS valkey-server 7.2.12+dfsg1-0ubuntu0.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8106-1

CVE-2025-67733, CVE-2026-21863

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8106-1

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu valkey information injection

Package Information

https://launchpad.net/ubuntu/+source/valkey/8.1.6+dfsg1-0ubuntu0.1 https://launchpad.net/ubuntu/+source/valkey/7.2.12+dfsg1-0ubuntu0.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here