Redis is an open source, in-memory database that persists on disk. From version 2.8 up to but not including 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user can send a specially crafted string to the HyperLogLog commands and trigger a stack or heap out-of-bounds write, potentially leading to remote code execution. The bug likely affects every Redis version that implements HyperLogLog operations. The vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. Where the redis-server executable cannot be patched immediately, the problem can be mitigated by preventing users from executing HyperLogLog operations at all: deny the HLL commands through Redis ACLs (the @hyperloglog command category, which covers PFADD, PFCOUNT, PFMERGE, PFDEBUG and PFSELFTEST) for every user that does not need them. Note that "authenticated" is a weak barrier on an instance whose default user has no password, which is Redis's out-of-the-box configuration: any client that can reach such a server is effectively authenticated, so network exposure widens the attack surface accordingly.
Weakness class (CWE-680, Integer Overflow to Buffer Overflow): the product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.
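The weakness class above, shown in isolation as an added example. This is illustrative C written for this page, not Redis source code, and it does not reproduce the actual Redis HyperLogLog bug; the record layout, the `HEADER_LEN` and `ELEM_SIZE` constants and all function names are assumptions. The unchecked sizing helper wraps a 32-bit length calculation and under-allocates, while the checked helper refuses the same input, and a small parser shows where the check belongs relative to the copy:

```c
/* Added example, not Redis source: the CWE-680 pattern in isolation. A 32-bit
 * length field from untrusted input feeds an allocation-size calculation; the
 * unchecked version wraps and under-allocates, the checked version refuses. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HEADER_LEN 16u  /* hypothetical fixed header in the allocated object */
#define ELEM_SIZE  4u   /* hypothetical per-element size */

/* Vulnerable sizing: 32-bit multiply/add with no overflow check.
 * count = 0x40000000, elem = 4 gives 0x100000000, which wraps to 0,
 * so only HEADER_LEN bytes are requested for 2^30 elements. */
uint32_t alloc_size_unchecked(uint32_t count, uint32_t elem) {
    return HEADER_LEN + count * elem;
}

/* Hardened sizing: reject any count whose product would not fit alongside
 * the header in 32 bits. Returns false rather than a wrapped size. */
bool alloc_size_checked(uint32_t count, uint32_t elem, uint32_t *out) {
    if (elem == 0) return false;
    if (count > (UINT32_MAX - HEADER_LEN) / elem) return false;
    *out = HEADER_LEN + count * elem;
    return true;
}

/* How far the unchecked path's copy loop would run past its allocation. */
typedef struct { uint32_t allocated; uint64_t needed; } sizing_t;

sizing_t size_record_unchecked(uint32_t count, uint32_t elem) {
    sizing_t s;
    s.allocated = alloc_size_unchecked(count, elem);
    s.needed = (uint64_t)HEADER_LEN + (uint64_t)count * elem;
    return s;
}

/* Parse a constructed record: 4-byte little-endian element count, then
 * `count` elements of ELEM_SIZE bytes. Copies the elements into a fresh
 * allocation sized by the checked helper and returns the element count,
 * or -1 when the header lies (sizing overflow, or more elements claimed
 * than bytes received). Caller frees *out on success. */
int parse_record_checked(const uint8_t *buf, size_t buf_len, uint8_t **out) {
    uint32_t count, size;
    if (buf_len < 4) return -1;
    count = (uint32_t)buf[0] | (uint32_t)buf[1] << 8 |
            (uint32_t)buf[2] << 16 | (uint32_t)buf[3] << 24;
    if (!alloc_size_checked(count, ELEM_SIZE, &size)) return -1;
    if ((uint64_t)count * ELEM_SIZE > buf_len - 4) return -1;
    *out = malloc(size);
    if (*out == NULL) return -1;
    memset(*out, 0, HEADER_LEN);
    memcpy(*out + HEADER_LEN, buf + 4, (size_t)count * ELEM_SIZE);
    return (int)count;
}

int main(void) {
    /* Constructed hostile header: count = 0x40000000 (bytes 00 00 00 40). */
    const uint8_t hostile[] = {0x00, 0x00, 0x00, 0x40, 0xAA, 0xBB, 0xCC, 0xDD};
    /* Constructed honest record: count = 2, eight bytes of payload. */
    const uint8_t honest[] = {0x02, 0, 0, 0, 1, 2, 3, 4, 5, 6, 7, 8};
    uint8_t *copy = NULL;
    sizing_t s = size_record_unchecked(0x40000000u, ELEM_SIZE);

    printf("unchecked: allocates %u bytes, copy loop writes %llu bytes\n",
           s.allocated, (unsigned long long)s.needed);
    printf("hostile header: %d\n", parse_record_checked(hostile, sizeof hostile, &copy));
    printf("honest record:  %d elements\n", parse_record_checked(honest, sizeof honest, &copy));
    free(copy);
    return 0;
}
```

The two-stage check (count against the receive buffer as well as against the 32-bit sizing) matters because a header that passes the overflow test can still claim more elements than were actually received; a real parser needs both bounds, not just one.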
Name | Vendor | Start Version | End Version |
---|---|---|---|
Red Hat Enterprise Linux 10 | RedHat | valkey-0:8.0.4-1.el10_0 | * |
Red Hat Enterprise Linux 8 | RedHat | redis:6-8100020250716063446.489197e6 | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | redis:6-8040020250801055559.522a0ee4 | * |
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | RedHat | redis:6-8040020250801055559.522a0ee4 | * |
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | RedHat | redis:6-8060020250731141235.ad008a3a | * |
Red Hat Enterprise Linux 8.6 Telecommunications Update Service | RedHat | redis:6-8060020250731141235.ad008a3a | * |
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | RedHat | redis:6-8060020250731141235.ad008a3a | * |
Red Hat Enterprise Linux 8.8 Telecommunications Update Service | RedHat | redis:6-8080020250730132007.63b34585 | * |
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | RedHat | redis:6-8080020250730132007.63b34585 | * |
Red Hat Enterprise Linux 9 | RedHat | redis-0:6.2.19-1.el9_6 | * |
Red Hat Enterprise Linux 9 | RedHat | redis:7-9060020250716081121.9 | * |
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | RedHat | redis-0:6.2.6-1.el9_0.4 | * |
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | RedHat | redis-0:6.2.7-1.el9_2.4 | * |
Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | redis-0:6.2.7-1.el9_4.4 | * |
Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | redis:7-9040020250730125543.9 | * |
Redict | Ubuntu | oracular | * |
Redis | Ubuntu | oracular | * |
Valkey | Ubuntu | oracular | * |