Integer overflow in multiple Redis commands can lead to denial-of-service
CVE-2023-22458

5.5MEDIUM

Key Information:

Vendor

Redis

Status
Redis
Vendor
CVE Published:
20 January 2023

What is CVE-2023-22458?

Redis is an in-memory database that persists on disk. Authenticated users can issue a HRANDFIELD or ZRANDMEMBER command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected Version(s)

redis >= 6.2, < 6.2.9 < 6.2, 6.2.9

redis >= 7.0, < 7.0.8 < 7.0, 7.0.8

References

https://github.com/redis/redis/security/advisories/GHSA-r...
x_refsource_CONFIRM
https://github.com/redis/redis/commit/16f408b1a0121cacd44...
x_refsource_MISC
https://github.com/redis/redis/releases/tag/6.2.9
x_refsource_MISC

EPSS Score

66% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.