redis,valkey -- Lua Use-After-Free may lead to remote code execution

redis reports: An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. An additional workaround to mitigate the problem...

PT-2025-40592

Name of the Vulnerable Software and Affected Versions Redis versions 8.2.1 and below Description Redis, an in-memory database, has an issue where an authenticated user can use a crafted Lua script to manipulate LUA objects and potentially execute code in another user's context. This affects all...