Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: redis (UTSA-2025-799388)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-799388 advisory. Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially...

redis: Redis Hyperloglog Out-of-Bounds Write Vulnerability

A flaw was found in Redis. This flaw allows an authenticated user to trigger an integer overflow by sending a specially crafted string, resulting in a stack or heap out-of-bounds write during hyperloglog operations. This issue potentially results in remote code execution...

The vulnerability of the HyperLogLog algorithm in the resident database management system for NoSQL Redis allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the HyperLogLog algorithm in the resident database management system for NoSQL Redis stems from a flaw in the HyperLogLog data structure during the execution of the SETRANGE command. This flaw allows up to 12 bytes of information to be added beyond the stack limit. Exploiting...

The vulnerability of the HyperLogLog algorithm in a resident database management system for NoSQL Redis lies in the fact that the output of the operation may exceed the buffer limits in memory. This allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the HyperLogLog algorithm in the resident database management system for NoSQL Redis stems from a flaw in the HyperLogLog data structure. This flaw occurs when the SETRANGE command is executed, allowing up to 3 bytes of information to be written beyond the memory buffer...