CVE-2025-27151 redis-check-aof may lead to stack overflow and potential RCE

🗓️ 29 May 2025 09:07:34Reported by GitHub_MType

CVE-2025-27151 in redis-check-aof causes stack overflow and potential remote code execution risk.

Reporter	Title	Published	Views	Family All 136
IBM Security Bulletins	Security Bulletin: Buffer overflow, uncontrolled recursion, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service	29 Sep 202516:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)	21 Oct 202514:44	–	ibm
FreeBSD	redis,valkey -- {redis,valkey}-check-aof may lead to stack overflow and potential RCE	28 May 202500:00	–	freebsd
Tenable Nessus	AlmaLinux 10 : valkey (ALSA-2025:11401)	9 Oct 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : redis:7 (ALSA-2025:12008)	30 Jul 202500:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: valkey (CVE-2025-27151)	22 Jan 202600:00	–	nessus
Tenable Nessus	Debian dsa-5969 : redis - security update	31 Jul 202500:00	–	nessus
Tenable Nessus	Fedora 41 : valkey (2025-00e79c49ca)	13 Oct 202500:00	–	nessus
Tenable Nessus	Fedora 42 : valkey (2025-3055a5b407)	12 Oct 202500:00	–	nessus
Tenable Nessus	Fedora 41 : valkey (2025-34895333b5)	24 Jul 202500:00	–	nessus

[
  {
    "vendor": "redis",
    "product": "redis",
    "versions": [
      {
        "version": ">= 7.0.0, < 8.0.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/redis/redis/commit/643b5db235cb82508e72f11c7b4bbfc7dc39be56
github	www.github.com/redis/redis/releases/tag/8.0.2
github	www.github.com/redis/redis/security/advisories/GHSA-5453-q98w-cmvm

29 May 2025 09:07Current

CVSS 3.14.7

EPSS0.00785