[Bugs] [Bug 13575] New: [CVE 21] redis 7.0.11 CVEs found
bugzilla
bugzilla at rosalinux.ru
Wed Aug 23 23:22:59 MSK 2023
https://bugzilla.rosalinux.ru/show_bug.cgi?id=13575
Platform: 2021.1
Bug ID: 13575
Summary: [CVE 21] redis 7.0.11 CVEs found
Classification: ROSA-based products
Product: ROSA Fresh
Version: All
Hardware: All
URL: CVE-2022-24834, CVE-2022-31144, CVE-2022-35951, CVE-2023-36824
OS: Linux
Status: CONFIRMED
Severity: normal
Priority: Normal
Component: System (kernel, glibc, systemd, bash, PAM...)
Assignee: bugs at lists.rosalinux.ru
Reporter: y.tumanov at rosalinux.ru
QA Contact: bugs at lists.rosalinux.ru
CC: e.kosachev at rosalinux.ru, s.matveev at rosalinux.ru, y.tumanov at rosalinux.ru
Target Milestone: ---
Flags: secteam_verified?
Please patch the CVEs found for package redis version 7.0.11.
CVEs found in redis 7.0.11:
CVE-2022-24834
Desc: Redis is an in-memory database that persists on disk. A specially crafted
Lua script executing in Redis can trigger a heap overflow in the cjson library,
and result with heap corruption and potentially remote code execution. The
problem exists in all versions of Redis with Lua scripting support, starting
from 2.6, and affects only authenticated and authorized users. The problem is
fixed in versions 7.0.12, 6.2.13, and 6.0.20.
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-24834
Severity: HIGH
CVE-2022-31144
Desc: Redis is an in-memory database that persists on disk. A specially crafted
`XAUTOCLAIM` command on a stream key in a specific state may result with heap
overflow, and potentially remote code execution. This problem affects versions
on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4.
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-31144
Severity: HIGH
CVE-2022-35951
Desc: Redis is an in-memory database that persists on disk. Versions 7.0.0 and
above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an
`XAUTOCLAIM` command on a stream key in a specific state, with a specially
crafted `COUNT` argument may cause an integer overflow, a subsequent heap
overflow, and potentially lead to remote code execution. This has been patched
in Redis version 7.0.5. No known workarounds exist.
Link: https://nvd.nist.gov/vuln/detail/CVE-2022-35951
Severity: CRITICAL
CVE-2023-36824
Desc: Redis is an in-memory database that persists on disk. In Redis 7.0 prior
to 7.0.12, extracting key names from a command and a list of arguments may, in
some cases, trigger a heap overflow and result in reading random heap memory,
heap corruption and potentially remote code execution. This can be reached in
several scenarios: authenticated users executing a specially crafted `COMMAND
GETKEYS` or `COMMAND GETKEYSANDFLAGS`, and authenticated users whose ACL rules
match key names executing a specially crafted command that refers to a
variadic list of key names. The vulnerability is patched in Redis 7.0.12.
Link: https://nvd.nist.gov/vuln/detail/CVE-2023-36824
Severity: HIGH