INFSA-2025:0917: keepalived security update

Information about definition

Identifier: INFSA-2025:0917

Type: security

Release date: 2025-03-17 12:57:30 UTC

Information about package

The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server (IPVS) kernel module providing layer-4 (transport layer) load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol (VRRPv2) to achieve high availability with director failover.

Vulnerabilities description

  • CVE-2024-41184

    A flaw was found in the keepalived package. An integer overflow occurs when incorrect arguments are passed, resulting in a read from an undefined address.

Severity level

CVE: CVE-2024-41184
Score CVSS 2.0: no information
Score CVSS 3.x: 6.3
Score CVSS 4.0: no information
Critical, important, moderate, low

Updated packages