Vulnerability CVE-2022-35951: Information
Description
Redis is an in-memory database that persists on disk. Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an `XAUTOCLAIM` command on a stream key in a specific state, with a specially crafted `COUNT` argument may cause an integer overflow, a subsequent heap overflow, and potentially lead to remote code execution. This has been patched in Redis version 7.0.5. No known workarounds exist.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
redis | sisyphus | 7.0.12-alt1 | 7.2.4-alt1.1 | ALT-PU-2023-4982-3 | 327278 | Fixed |
redis | sisyphus_e2k | 7.0.12-alt1 | 7.2.4-alt1.1 | ALT-PU-2023-5079-1 | - | Fixed |
redis | sisyphus_riscv64 | 7.2.0-alt0.port | 7.2.4-alt0.port | ALT-PU-2023-5217-1 | - | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://github.com/redis/redis/security/advisories/GHSA-5gc4-76rx-22c9 |
|
GLSA-202209-17 |
|
https://security.netapp.com/advisory/ntap-20221020-0005/ |
|
FEDORA-2022-de7b3ceca6 |