Symantec Security ResponseSMNTC-111273Redis CVE-2018-12326 Buffer Overflow Vulnerability
Description
Redis is prone to a buffer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of a user running the affected application and gain elevated privileges. Failed exploit attempts may cause a denial-of-service condition, denying service to legitimate users. Redis versions prior to 4.0.10 and 5.x through and prior to 5.0 RC3 are vulnerable.
Technologies Affected
- IBM Watson Studio Local 1.2.3
- Redhat OpenStack 10
- Redhat OpenStack 13.0
- Redhat OpenStack Director Deployment Tools 13
- Redhat OpenStack Director Deployment Tools for IBM Power LE 13
- Redhat OpenStack for IBM Power 13
- Redhat Software Collections 1 for RHEL 6
- Redhat Software Collections 1 for RHEL 7
- Redhat Software Collections 1 for RHEL 7.4
- Redhat Software Collections 1 for RHEL 7.5
- Redhat Software Collections 1 for RHEL 7.6
- Redhat Software Collections 1 for RHEL 7.7
- Redhat Software Collections 1 for RHEL Workstation 6
- Redhat Software Collections 1 for RHEL Workstation 7
- Redis Redis 2.8.21
- Redis Redis 3.0.2
- Redis Redis 3.0.7
- Redis Redis 3.2.11
- Redis Redis 3.2.12
- Redis Redis 3.2.13
- Redis Redis 3.2.3
- Redis Redis 3.2.7
- Redis Redis 4.0
- Redis Redis 4.0.9
- Redis Redis 5.0
- Redis Redis 5.0 RC1
- Redis Redis 5.0 RC2
Recommendations
Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To reduce the likelihood of a successful exploit, restrict local access to trusted individuals only.
Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.
Implement multiple redundant layers of security.
Various memory-protection schemes (such as nonexecutable and randomly mapped memory segments) may hinder an attacker’s ability to exploit this vulnerability to execute arbitrary code.
Updates are available. Please see the references or vendor advisory for more information.
Related
