Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2025-49844

Use After Free

Published: Oct 03, 2025 | Modified: Nov 12, 2025
CVSS 3.x
9.9
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
8.8 IMPORTANT
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Ubuntu
HIGH
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2025-49844
CWEhttps://cwe.mitre.org/data/definitions/416.html

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.

Weakness

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory “belongs” to the code that operates on the new pointer.

Affected Software

NameVendorStart VersionEnd Version
RedisRedis*6.2.20 (excluding)
RedisRedis7.0 (including)7.2.11 (excluding)
RedisRedis7.4.0 (including)7.4.6 (excluding)
RedisRedis8.0.0 (including)8.0.4 (excluding)
RedisRedis8.2.0 (including)8.2.2 (excluding)
Red Hat Enterprise Linux 10RedHatvalkey-0:8.0.6-1.el10_0*
Red Hat Enterprise Linux 10RedHatvalkey-0:8.0.6-2.el10_1*
Red Hat Enterprise Linux 8RedHatredis:6-8100020251007064521.489197e6*
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRedHatredis:6-8040020251022121413.522a0ee4*
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRedHatredis:6-8040020251022121413.522a0ee4*
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRedHatredis:6-8060020251022110425.ad008a3a*
Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRedHatredis:6-8060020251022110425.ad008a3a*
Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRedHatredis:6-8060020251022110425.ad008a3a*
Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRedHatredis:6-8080020251022085755.63b34585*
Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRedHatredis:6-8080020251022085755.63b34585*
Red Hat Enterprise Linux 9RedHatredis-0:6.2.20-1.el9_6*
Red Hat Enterprise Linux 9RedHatredis:7-9060020251007094800.9*
Red Hat Enterprise Linux 9RedHatredis-0:6.2.20-2.el9_7*
Red Hat Enterprise Linux 9RedHatredis:7-9070020251016095039.9*
Red Hat Enterprise Linux 9RedHatvalkey-0:8.0.6-2.el9_7*
Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRedHatredis-0:6.2.6-1.el9_0.5*
Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRedHatredis-0:6.2.7-1.el9_2.5*
Red Hat Enterprise Linux 9.4 Extended Update SupportRedHatredis:7-9040020251015162111.9*
Red Hat Enterprise Linux 9.4 Extended Update SupportRedHatredis-0:6.2.7-1.el9_4.5*
Red Hat OpenShift GitOps 1.16RedHatopenshift-gitops-1/gitops-rhel8-operator:sha256:c41c99f360a2515bce55c42e309e2c72500ba66d3a2c461412dee7de5ea9a9fa*
Red Hat OpenShift GitOps 1.17RedHatopenshift-gitops-1/gitops-rhel8-operator:sha256:2d228a645c52e829db1b0078458fb2ae0685a444c4a47bca01ef18dbc00e5d0c*
Red Hat OpenShift GitOps 1.18RedHatopenshift-gitops-1/gitops-rhel8-operator:sha256:7f6e588459ff59366a9f8f8f32a784806af11931f8584e46e1d53472a2e010a9*
RedictUbuntuplucky*
RedictUbuntuquesting*
RedisUbuntuesm-apps/bionic*
RedisUbuntuesm-apps/focal*
RedisUbuntuesm-apps/jammy*
RedisUbuntuesm-apps/noble*
RedisUbuntuesm-apps/xenial*
RedisUbuntuesm-infra-legacy/trusty*
RedisUbuntujammy*
RedisUbuntunoble*
RedisUbuntuplucky*
RedisUbuntuquesting*
RedisUbuntuupstream*
ValkeyUbuntudevel*
ValkeyUbuntuesm-apps/noble*
ValkeyUbuntunoble*
ValkeyUbuntuplucky*
ValkeyUbuntuquesting*

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use