Redis could be made to crash or run programs if it received specially
crafted network traffic.
Software Description:
- redis: Persistent key-value database with network interface
Details:
Seunghyun Lee discovered that Redis incorrectly handled memory during
hyperloglog operations. An attacker could use this issue to cause a denial
of service, or possibly achieve remote code execution.
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS redis 5:7.0.15-1ubuntu0.24.04.3 redis-server 5:7.0.15-1ubuntu0.24.04.3 After a standard system update you need to restart redis to make all the necessary changes.
https://ubuntu.com/security/notices/USN-8120-1
CVE-2025-32023
Get the latest Linux and open source security news straight to your inbox.