Lucene search
Gentoo FoundationMGASA-2023-0301HistoryOct 24, 2023 - 8:25 p.m.
Updated redis package fixes a security vulnerability
2023-10-2420:25:46
Gentoo Foundation
advisories.mageia.org
13
redis
upstream
security vulnerability
unix socket
race condition
cve-2023-45145
3.6 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
0.0004 Low
EPSS
Percentile
10.6%
Redis upstream published a fix for CVE-2023-45145. CVE-2023-45145: The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 9 | noarch | redis | < 7.0.14-1 | redis-7.0.14-1.mga9 |
Related
openvas
openvas
Fedora: Security Advisory for redis (FEDORA-2023-77ed1e26a4)
2023-10-28 00:00:00
openSUSE: Security Advisory for redis7 (SUSE-SU-2024:0200-1)
2024-03-04 00:00:00
cvelist
cvelist
osv
osv
BIT-redis-2023-45145
2024-03-06 11:03:25
CVE-2023-45145
2023-10-18 21:15:09
BIT-2023-45145
2023-10-31 07:27:24
alpinelinux
alpinelinux
CVE-2023-45145
2023-10-18 21:15:09
nessus
nessus
Fedora 39 : redis (2023-fd75e4f307)
2023-11-07 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : redis7 (SUSE-SU-2024:0200-1)
2024-01-24 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2023:4290-1)
2023-11-01 00:00:00
ibm
ibm
cve
cve
CVE-2023-45145
2023-10-18 21:15:09
fedora
fedora
[SECURITY] Fedora 38 Update: redis-7.0.14-1.fc38
2023-10-27 01:26:50
[SECURITY] Fedora 37 Update: redis-7.0.14-1.fc37
2023-10-27 01:12:03
[SECURITY] Fedora 39 Update: redis-7.2.2-1.fc39
2023-11-03 19:01:14
redos
redos
ROS-20231030-06
2023-10-30 00:00:00
veracode
veracode
Race Condition
2023-10-20 05:33:12
cbl_mariner
cbl_mariner
CVE-2023-45145 affecting package redis for versions less than 6.2.14-1
2023-11-08 02:07:28
freebsd
freebsd
redis -- Possible bypassing Unix socket permissions
2023-10-18 00:00:00
prion
prion
Race condition
2023-10-18 21:15:00
ubuntucve
ubuntucve
CVE-2023-45145
2023-10-18 00:00:00
debiancve
debiancve
CVE-2023-45145
2023-10-18 21:15:09
nvd
nvd
CVE-2023-45145
2023-10-18 21:15:09
redhatcve
redhatcve
CVE-2023-45145
2023-10-18 23:57:26
debian
debian
[SECURITY] [DLA 3627-1] redis security update
2023-10-23 13:01:00
[SECURITY] [DSA 5610-1] redis security update
2024-01-29 21:15:54
photon
photon
Moderate Photon OS Security Update - PHSA-2023-5.0-0125
2023-10-25 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0497
2023-10-25 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0673
2023-10-26 00:00:00
ubuntu
ubuntu
Redis vulnerabilities
2023-12-05 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
3.6 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
0.0004 Low
EPSS
Percentile
10.6%
Related for MGASA-2023-0301