What is the potential impact of USN-7359-1?

The vulnerability USN-7359-1 may allow an attacker to execute arbitrary code due to improper memory cleanup and resource access handling.

How do I patch USN-7359-1?

To fix the vulnerability USN-7359-1, upgrade to the updated package version 7.2.8+dfsg1-0ubuntu0.24.10.2 or 7.2.8+dfsg1-0ubuntu0.24.04.2 depending on your Ubuntu release.

Who is affected by USN-7359-1?

Users running affected packages like valkey-redis-compat, valkey-sentinel, valkey-server, or valkey-tools on Ubuntu 24.10 or 24.04 are at risk due to USN-7359-1.

What types of attackers can exploit USN-7359-1?

An authenticated attacker can exploit USN-7359-1 to gain unauthorized access or perform unauthorized actions due to improper handling of resource access permissions.

What are the recommended remediation steps for USN-7359-1?

It is recommended to apply the security update for USN-7359-1 immediately to mitigate any potential exploitation of the vulnerability.

Vulnerability/
USN-7359-1

19/3/2025

USN-7359-1: Valkey vulnerabilities

First published: Wed Mar 19 2025(Updated: )

It was discovered that Valkey did not properly handle memory cleanup. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-46981) It was discovered that Valkey did not properly handle resource access permissions. An authenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-51741)

Affected Software	Affected Version	How to fix
All of
ubuntu/valkey-redis-compat	<7.2.8+dfsg1-0ubuntu0.24.10.2	7.2.8+dfsg1-0ubuntu0.24.10.2
Ubuntu	=24.10
All of
ubuntu/valkey-sentinel	<7.2.8+dfsg1-0ubuntu0.24.10.2	7.2.8+dfsg1-0ubuntu0.24.10.2
Ubuntu	=24.10
All of
ubuntu/valkey-server	<7.2.8+dfsg1-0ubuntu0.24.10.2	7.2.8+dfsg1-0ubuntu0.24.10.2
Ubuntu	=24.10
All of
ubuntu/valkey-tools	<7.2.8+dfsg1-0ubuntu0.24.10.2	7.2.8+dfsg1-0ubuntu0.24.10.2
Ubuntu	=24.10
All of
ubuntu/valkey-redis-compat	<7.2.8+dfsg1-0ubuntu0.24.04.2	7.2.8+dfsg1-0ubuntu0.24.04.2
Ubuntu	=24.04
All of
ubuntu/valkey-sentinel	<7.2.8+dfsg1-0ubuntu0.24.04.2	7.2.8+dfsg1-0ubuntu0.24.04.2
Ubuntu	=24.04
All of
ubuntu/valkey-server	<7.2.8+dfsg1-0ubuntu0.24.04.2	7.2.8+dfsg1-0ubuntu0.24.04.2
Ubuntu	=24.04
All of
ubuntu/valkey-tools	<7.2.8+dfsg1-0ubuntu0.24.04.2	7.2.8+dfsg1-0ubuntu0.24.04.2
Ubuntu	=24.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the potential impact of USN-7359-1?
The vulnerability USN-7359-1 may allow an attacker to execute arbitrary code due to improper memory cleanup and resource access handling.
How do I patch USN-7359-1?
To fix the vulnerability USN-7359-1, upgrade to the updated package version 7.2.8+dfsg1-0ubuntu0.24.10.2 or 7.2.8+dfsg1-0ubuntu0.24.04.2 depending on your Ubuntu release.
Who is affected by USN-7359-1?
Users running affected packages like valkey-redis-compat, valkey-sentinel, valkey-server, or valkey-tools on Ubuntu 24.10 or 24.04 are at risk due to USN-7359-1.
What types of attackers can exploit USN-7359-1?
An authenticated attacker can exploit USN-7359-1 to gain unauthorized access or perform unauthorized actions due to improper handling of resource access permissions.
What are the recommended remediation steps for USN-7359-1?
It is recommended to apply the security update for USN-7359-1 immediately to mitigate any potential exploitation of the vulnerability.

collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/source
agent/last-modified-date
agent/title
agent/references
agent/first-publish-date
agent/tags
agent/description
agent/softwarecombine
agent/type
agent/event
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu
version/ubuntu/24.10
version/ubuntu/24.04