7 matches found
BIT-VALKEY-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The...
BIT-REDIS-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The...
SUSE-SU-2025:03073-1 Security update for redis
This update for redis fixes the following issues: - CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. bsc1246059 - CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol errors can lead to client starvation an...
Security update for redis
This update for redis fixes the following issues: CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. bsc1246059 CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol errors can lead to client starvation and Do...
CVE-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE
Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The...
FreeBSD : redis,valkey -- Out of bounds write in hyperloglog commands leads to RCE (f11d0a69-5b2d-11f0-b507-000c295725e4)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f11d0a69-5b2d-11f0-b507-000c295725e4 advisory. Seunghyun Lee reports: An authenticated user may use a specially crafted string to trigger a stack/heap...
OPENSUSE-SU-2017:2984-1 Security update for redis
This update for redis to version 4.0.2 fixes the following issues: - CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability boo1002351 The following upstream changes are included: - SLOWLOG now logs the offending client name and address - The modules native data types R...