- Vulnerability/
- USN-3995-1
USN-3995-1: Keepalived vulnerability
First published: Tue May 28 2019(Updated: )
It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to cause Keepalived to crash, resulting in a denial of service, or possibly execute arbitrary code.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/keepalived | <1:1.3.9-1ubuntu1.1 | 1:1.3.9-1ubuntu1.1 |
| =18.10 | ||
| All of | ||
| ubuntu/keepalived | <1:1.3.9-1ubuntu0.18.04.2 | 1:1.3.9-1ubuntu0.18.04.2 |
| =18.04 | ||
| All of | ||
| ubuntu/keepalived | <1:1.2.24-1ubuntu0.16.04.2 | 1:1.2.24-1ubuntu0.16.04.2 |
| =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2018-19115
- https://ubuntu.com/security/notices/USN-3995-2
- https://launchpad.net/ubuntu/+source/keepalived/1:1.3.9-1ubuntu1.1
- https://launchpad.net/ubuntu/+source/keepalived/1:1.3.9-1ubuntu0.18.04.2
- https://launchpad.net/ubuntu/+source/keepalived/1:1.2.24-1ubuntu0.16.04.2
- https://ubuntu.com/security/notices/USN-3995-1 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this Keepalived vulnerability?
The vulnerability ID for this Keepalived vulnerability is USN-3995-1.
What is the impact of the Keepalived vulnerability?
The Keepalived vulnerability can cause denial of service or potentially execute arbitrary code.
Which versions of Keepalived are affected by this vulnerability?
Versions 1.3.9-1ubuntu1.1, 1.3.9-1ubuntu0.18.04.2, and 1.2.24-1ubuntu0.16.04.2 of Keepalived are affected by this vulnerability.
How can I fix this Keepalived vulnerability?
To fix this Keepalived vulnerability, update Keepalived to version 1.3.9-1ubuntu1.1 if you are using Ubuntu 18.10, 1.3.9-1ubuntu0.18.04.2 if you are using Ubuntu 18.04, or 1.2.24-1ubuntu0.16.04.2 if you are using Ubuntu 16.04.
Where can I find more information about this Keepalived vulnerability?
You can find more information about this Keepalived vulnerability on the Ubuntu Security Notices page (USN-3995-1), the Ubuntu Security Advisory (CVE-2018-19115), and the Launchpad page for Keepalived.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- anchor-related/USN-3995-2
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/18.10
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04