CVE-2025-32464 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-32464 Interim 1 5 2025-06-04T23:13:48Z current 2025-04-09T23:11:55Z 2025-06-04T23:13:48Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-32464 HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-updates/2025-April/039003.html E-Mail link for SUSE-SU-2025:1264-1 https://lists.suse.com/pipermail/sle-updates/2025-April/039056.html E-Mail link for SUSE-SU-2025:1338-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise High Availability Extension 12 SP5 SUSE Linux Enterprise High Availability Extension 15 SP3 SUSE Linux Enterprise High Availability Extension 15 SP4 SUSE Linux Enterprise High Availability Extension 15 SP5 SUSE Linux Enterprise High Availability Extension 15 SP6 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Micro 6.0 SUSE Linux Micro 6.1 openSUSE Leap 15.6 openSUSE Tumbleweed haproxy haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 haproxy-2.8.11+git0.01c1056a4-150600.3.6.1 haproxy-3.2.0+git0.e134140d2-2.1 haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP5 haproxy-2.8.11+git0.01c1056a4-150600.3.6.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP6 haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 as a component of SUSE Linux Enterprise Micro 5.3 haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 as a component of SUSE Linux Enterprise Micro 5.4 haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 as a component of SUSE Linux Enterprise Micro 5.5 haproxy-2.8.11+git0.01c1056a4-150600.3.6.1 as a component of openSUSE Leap 15.6 haproxy-3.2.0+git0.e134140d2-2.1 as a component of openSUSE Tumbleweed haproxy as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 haproxy as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 haproxy as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 haproxy as a component of SUSE Linux Micro 6.0 haproxy as a component of SUSE Linux Micro 6.1 HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one. CVE-2025-32464 SUSE Linux Enterprise High Availability Extension 15 SP4:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 SUSE Linux Enterprise High Availability Extension 15 SP5:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 SUSE Linux Enterprise High Availability Extension 15 SP6:haproxy-2.8.11+git0.01c1056a4-150600.3.6.1 SUSE Linux Enterprise Micro 5.3:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 SUSE Linux Enterprise Micro 5.4:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 SUSE Linux Enterprise Micro 5.5:haproxy-2.4.22+git0.f8e3218e2-150400.3.22.1 openSUSE Leap 15.6:haproxy-2.8.11+git0.01c1056a4-150600.3.6.1 openSUSE Tumbleweed:haproxy-3.2.0+git0.e134140d2-2.1 SUSE Linux Enterprise High Availability Extension 15 SP3:haproxy moderate 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H