Integer Overflow in several Redis commands can lead to denial of service.
CVE-2023-25155

5.5MEDIUM

Key Information:

Vendor
Redis
Status
Redis
Vendor
CVE Published:
2 March 2023

Summary

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.

Affected Version(s)

redis < 6.0.18 < 6.0.18

redis >= 7.0.0, < 7.0.9 < 7.0.0, 7.0.9

redis >= 6.2.0, < 6.2.11 < 6.2.0, 6.2.11

References

https://github.com/redis/redis/security/advisories/GHSA-x...
x_refsource_CONFIRM
https://github.com/redis/redis/commit/2a2a582e7cd99ba3b53...
x_refsource_MISC
https://github.com/redis/redis/releases/tag/6.0.18
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.