redis -- multiple vulnerabilities

2021-05-0300:00:00

vuxml.freebsd.org

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.5%

JSON

Redis project reports:

Vulnerability in the STRALGO LCS command

      An integer overflow bug in Redis version 6.0 or newer could be
      exploited using the STRALGO LCS command to corrupt the heap and
      potentially result with remote code execution.

Vulnerability in the COPY command for large intsets

      An integer overflow bug in Redis 6.2 could be exploited to corrupt
      the heap and potentially result with remote code execution.
      The vulnerability involves changing the default set-max-intset-entries
      configuration value, creating a large set key that consists of
      integer values and using the COPY command to duplicate it.
      The integer overflow bug exists in all versions of Redis starting
      with 2.6, where it could result with a corrupted RDB or DUMP payload,
      but not exploited through COPY (which did not exist before 6.2).

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchredis= 6.0.0UNKNOWN
FreeBSDanynoarchredis< 6.0.13UNKNOWN
FreeBSDanynoarchredis-devel= 6.2.0UNKNOWN
FreeBSDanynoarchredis-devel< 6.2.3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	redis	= 6.0.0	UNKNOWN
FreeBSD	any	noarch	redis	< 6.0.13	UNKNOWN
FreeBSD	any	noarch	redis-devel	= 6.2.0	UNKNOWN
FreeBSD	any	noarch	redis-devel	< 6.2.3	UNKNOWN