Ubuntu 24.04 Redis Critical Lua Denial of Service Vulnerability USN-8169-1
ubuntu
April 14, 2026
Several security issues were fixed in Redis, lua5.1, lua-cjson, lua-bitop.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Redis, lua5.1, lua-cjson, lua-bitop. Software Description: - redis: Persistent key-value database with network interface - lua-bitop: fast bit manipulation library for the Lua language - lua-cjson: JSON parser/encoder for Lua language - lua5.1: Lua is an embeddable scripting language Details: It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in lua5.1 on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2025-49844) It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code....
Read the Full Advisory
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS redis 5:7.0.15-1ubuntu0.24.04.4 redis-sentinel 5:7.0.15-1ubuntu0.24.04.4 redis-server 5:7.0.15-1ubuntu0.24.04.4 redis-tools 5:7.0.15-1ubuntu0.24.04.4 Ubuntu 22.04 LTS liblua5.1-0 5.1.5-8.1ubuntu0.22.04.1~esm1 Available with Ubuntu Pro liblua5.1-0-dev 5.1.5-8.1ubuntu0.22.04.1~esm1 Available with Ubuntu Pro liblua5.1-bitop-dev 1.0.2-5ubuntu0.22.04.1~esm2 Available with Ubuntu Pro liblua5.1-bitop0 1.0.2-5ubuntu0.22.04.1~esm2 Available with Ubuntu Pro lua-bitop 1.0.2-5ubuntu0.22.04.1~esm2 Available with Ubuntu Pro lua-bitop-dev 1.0.2-5ubuntu0.22.04.1~esm2 Available with Ubuntu Pro lua-cjson 2.1.0+dfsg-2.1ubuntu0.22.04.1~esm2 Available with Ubuntu Pro lua-cjson-dev 2.1.0+dfsg-2.1ubuntu0.22.04.1~esm2 Available with Ubuntu Pro lua5.1 5.1.5-8.1ubuntu0.22.04.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS liblua5.1-0 5.1.5-8.1ubuntu0.20.04.1~esm1 Available with Ubuntu Pro liblua5.1-0-dev 5.1.5-8.1ubuntu0.20.04.1~esm1 Available with Ubuntu Pro liblua5.1-bitop-dev 1.0.2-5ubuntu0.20.04.1~esm2 Available with Ubuntu Pro liblua5.1-bitop0 1.0.2-5ubuntu0.20.04.1~esm2 Available with Ubuntu Pro lua-bitop 1.0.2-5ubuntu0.20.04.1~esm2 Available with Ubuntu Pro lua-bitop-dev 1.0.2-5ubuntu0.20.04.1~esm2 Available with Ubuntu Pro lua-cjson 2.1.0+dfsg-2.1ubuntu0.20.04.1~esm2 Available with Ubuntu Pro lua-cjson-dev 2.1.0+dfsg-2.1ubuntu0.20.04.1~esm2 Available with Ubuntu Pro lua5.1 5.1.5-8.1ubuntu0.20.04.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS redis 5:4.0.9-1ubuntu0.2+esm7 Available with Ubuntu Pro redis-sentinel 5:4.0.9-1ubuntu0.2+esm7 Available with Ubuntu Pro redis-server 5:4.0.9-1ubuntu0.2+esm7 Available with Ubuntu Pro redis-tools 5:4.0.9-1ubuntu0.2+esm7 Available with Ubuntu Pro Ubuntu 16.04 LTS redis-sentinel 2:3.0.6-1ubuntu0.4+esm5 Available with Ubuntu Pro redis-server 2:3.0.6-1ubuntu0.4+esm5 Available with Ubuntu Pro redis-tools 2:3.0.6-1ubuntu0.4+esm5 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-8169-1
CVE-2022-24834, CVE-2024-31449, CVE-2025-49844
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-8169-1
Topics Covered
Package Information
https://launchpad.net/ubuntu/+source/redis/5:7.0.15-1ubuntu0.24.04.4
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!