redis security and bug fix update

🗓️ 15 Nov 2022 06:15:29Reported by Rockylinux Product ErrataType

Update available for Redis affecting Rocky Linux 9. Security fixes for code injection via Lua script execution and malformed Lua script causing crashes

Reporter	Title	Published	Views	Family All 182
IBM Security Bulletins	Security Bulletin: IBM QRadar Advisor With Watson App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	30 May 202318:55	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Redis affect IBM Event Streams (CVE-2022-24736, CVE-2022-24735)	30 Sep 202213:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Workspace is affected but not considered vulnerable to multiple vulnerabilities	26 Mar 202504:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	29 Jan 202520:13	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Redis affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift (CVE-2022-24736, CVE-2022-24735)	13 Dec 202215:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Redis	29 Jul 202220:03	–	ibm
Tenable Nessus	Amazon Linux 2022 : redis6, redis6-devel (ALAS2022-2022-115)	6 Sep 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2022 : redis6, redis6-devel (ALAS2022-2022-199)	5 Nov 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2023-064)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : redis (ALASREDIS6-2023-003)	27 Sep 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Rocky Linux	9	aarch64	redis	0:6.2.7-1.el9	redis-0:6.2.7-1.el9.aarch64.rpm
Rocky Linux	9	ppc64le	redis	0:6.2.7-1.el9	redis-0:6.2.7-1.el9.ppc64le.rpm
Rocky Linux	9	s390x	redis	0:6.2.7-1.el9	redis-0:6.2.7-1.el9.s390x.rpm
Rocky Linux	9	x86_64	redis	0:6.2.7-1.el9	redis-0:6.2.7-1.el9.x86_64.rpm
Rocky Linux	9	aarch64	redis-debuginfo	0:6.2.7-1.el9	redis-debuginfo-0:6.2.7-1.el9.aarch64.rpm
Rocky Linux	9	ppc64le	redis-debuginfo	0:6.2.7-1.el9	redis-debuginfo-0:6.2.7-1.el9.ppc64le.rpm
Rocky Linux	9	s390x	redis-debuginfo	0:6.2.7-1.el9	redis-debuginfo-0:6.2.7-1.el9.s390x.rpm
Rocky Linux	9	x86_64	redis-debuginfo	0:6.2.7-1.el9	redis-debuginfo-0:6.2.7-1.el9.x86_64.rpm
Rocky Linux	9	aarch64	redis-debugsource	0:6.2.7-1.el9	redis-debugsource-0:6.2.7-1.el9.aarch64.rpm
Rocky Linux	9	ppc64le	redis-debugsource	0:6.2.7-1.el9	redis-debugsource-0:6.2.7-1.el9.ppc64le.rpm

15 Nov 2022 06:15Current

7.3High risk

Vulners AI Score7.3

CVSS 26.8

CVSS 3.13.9 - 7.8

EPSS0.01725

SSVC