<html>
<head>
<base href="https://bugzilla.rosalinux.ru/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Platform</th>
<td>2021.1
</td>
</tr>
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_CONFIRMED "
title="CONFIRMED - [CVE 21] redis 7.0.11 CVEs found"
href="https://bugzilla.rosalinux.ru/show_bug.cgi?id=13575">13575</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>[CVE 21] redis 7.0.11 CVEs found
</td>
</tr>
<tr>
<th>Classification</th>
<td>ROSA-based products
</td>
</tr>
<tr>
<th>Product</th>
<td>ROSA Fresh
</td>
</tr>
<tr>
<th>Version</th>
<td>All
</td>
</tr>
<tr>
<th>Hardware</th>
<td>All
</td>
</tr>
<tr>
<th>URL</th>
<td>CVE-2022-24834, CVE-2022-31144, CVE-2022-35951, CVE-2023-36824,
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>CONFIRMED
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>Normal
</td>
</tr>
<tr>
<th>Component</th>
<td>System (kernel, glibc, systemd, bash, PAM...)
</td>
</tr>
<tr>
<th>Assignee</th>
<td>bugs@lists.rosalinux.ru
</td>
</tr>
<tr>
<th>Reporter</th>
<td>y.tumanov@rosalinux.ru
</td>
</tr>
<tr>
<th>QA Contact</th>
<td>bugs@lists.rosalinux.ru
</td>
</tr>
<tr>
<th>CC</th>
<td>e.kosachev@rosalinux.ru, s.matveev@rosalinux.ru, y.tumanov@rosalinux.ru
</td>
</tr>
<tr>
<th>Target Milestone</th>
<td>---
</td>
</tr>
<tr>
<th>Flags</th>
<td>secteam_verified?
</td>
</tr></table>
<p>
<div>
<pre>Please patch CVEs for package redis version 7.0.11
INFO (CVEs are): redis 7.0.11
cves found
CVE-2022-24834
Desc: Redis is an in-memory database that persists on disk. A specially crafted
Lua script executing in Redis can trigger a heap overflow in the cjson library,
and result with heap corruption and potentially remote code execution. The
problem exists in all versions of Redis with Lua scripting support, starting
from 2.6, and affects only authenticated and authorized users. The problem is
fixed in versions 7.0.12, 6.2.13, and 6.0.20.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-24834">https://nvd.nist.gov/vuln/detail/CVE-2022-24834</a>
Severity: HIGH
CVE-2022-31144
Desc: Redis is an in-memory database that persists on disk. A specially crafted
`XAUTOCLAIM` command on a stream key in a specific state may result with heap
overflow, and potentially remote code execution. This problem affects versions
on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-31144">https://nvd.nist.gov/vuln/detail/CVE-2022-31144</a>
Severity: HIGH
CVE-2022-35951
Desc: Redis is an in-memory database that persists on disk. Versions 7.0.0 and
above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an
`XAUTOCLAIM` command on a stream key in a specific state, with a specially
crafted `COUNT` argument may cause an integer overflow, a subsequent heap
overflow, and potentially lead to remote code execution. This has been patched
in Redis version 7.0.5. No known workarounds exist.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-35951">https://nvd.nist.gov/vuln/detail/CVE-2022-35951</a>
Severity: CRITICAL
CVE-2023-36824
Desc: Redis is an in-memory database that persists on disk. In Redit 7.0 prior
to 7.0.12, extracting key names from a command and a list of arguments may, in
some cases, trigger a heap overflow and result in reading random heap memory,
heap corruption and potentially remote code execution. Several scenarios that
may lead to authenticated users executing a specially crafted `COMMAND GETKEYS`
or `COMMAND GETKEYSANDFLAGS`and authenticated users who were set with ACL rules
that match key names, executing a specially crafted command that refers to a
variadic list of key names. The vulnerability is patched in Redis 7.0.12.
Link: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-36824">https://nvd.nist.gov/vuln/detail/CVE-2023-36824</a>
Severity: HIGH</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the QA Contact for the bug.</li>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>