{"containers": {"cna": {"affected": [{"product": "redis", "vendor": "redis", "versions": [{"status": "affected", "version": "< 6.0.14"}, {"status": "affected", "version": ">= 6.2.0, < 6.2.4"}]}], "descriptions": [{"lang": "en", "value": "Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The problem is fixed in version 6.2.4 and 6.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the STRALGO LCS command. On 64 bit systems which have the fixes of CVE-2021-29477 (6.2.3 or 6.0.13), it is sufficient to make sure that the proto-max-bulk-len config parameter is smaller than 2GB (default is 512MB)."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-680", "description": "CWE-680: Integer Overflow to Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-04T18:23:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/redis/redis/security/advisories/GHSA-46cp-x4x9-6pfq"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/redis/redis/releases/tag/6.0.14"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/redis/redis/releases/tag/6.2.4"}, {"name": "FEDORA-2021-916f861096", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHWOF7CBVUGDK3AN6H3BN3VNTH2TDUZZ/"}, {"name": "FEDORA-2021-0ad4bec5b1", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN7INTZFE34MIQJO7WDDTIY5LIBGN6GI/"}], "source": {"advisory": "GHSA-46cp-x4x9-6pfq", "discovery": "UNKNOWN"}, "title": "Redis vulnerability in STRALGO LCS on 32-bit systems", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32625", "STATE": "PUBLIC", "TITLE": "Redis vulnerability in STRALGO LCS on 32-bit systems"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "redis", "version": {"version_data": [{"version_value": "< 6.0.14"}, {"version_value": ">= 6.2.0, < 6.2.4"}]}}]}, "vendor_name": "redis"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The problem is fixed in version 6.2.4 and 6.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the STRALGO LCS command. On 64 bit systems which have the fixes of CVE-2021-29477 (6.2.3 or 6.0.13), it is sufficient to make sure that the proto-max-bulk-len config parameter is smaller than 2GB (default is 512MB)."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-680: Integer Overflow to Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://github.com/redis/redis/security/advisories/GHSA-46cp-x4x9-6pfq", "refsource": "CONFIRM", "url": "https://github.com/redis/redis/security/advisories/GHSA-46cp-x4x9-6pfq"}, {"name": "https://github.com/redis/redis/releases/tag/6.0.14", "refsource": "MISC", "url": "https://github.com/redis/redis/releases/tag/6.0.14"}, {"name": "https://github.com/redis/redis/releases/tag/6.2.4", "refsource": "MISC", "url": "https://github.com/redis/redis/releases/tag/6.2.4"}, {"name": "FEDORA-2021-916f861096", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BHWOF7CBVUGDK3AN6H3BN3VNTH2TDUZZ/"}, {"name": "FEDORA-2021-0ad4bec5b1", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN7INTZFE34MIQJO7WDDTIY5LIBGN6GI/"}]}, "source": {"advisory": "GHSA-46cp-x4x9-6pfq", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:25:30.543Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/redis/redis/security/advisories/GHSA-46cp-x4x9-6pfq"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/redis/redis/releases/tag/6.0.14"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/redis/redis/releases/tag/6.2.4"}, {"name": "FEDORA-2021-916f861096", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHWOF7CBVUGDK3AN6H3BN3VNTH2TDUZZ/"}, {"name": "FEDORA-2021-0ad4bec5b1", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN7INTZFE34MIQJO7WDDTIY5LIBGN6GI/"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-32625", "datePublished": "2021-06-02T19:35:11", "dateReserved": "2021-05-12T00:00:00", "dateUpdated": "2024-08-03T23:25:30.543Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:x84:*", "matchCriteriaId": "920666CD-F874-4640-A155-666D68910632", "versionEndExcluding": "6.0.14", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:x84:*", "matchCriteriaId": "A81BCE13-325F-4518-A14E-EC066FA22C76", "versionEndExcluding": "6.2.4", "versionStartIncluding": "6.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The problem is fixed in version 6.2.4 and 6.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the STRALGO LCS command. On 64 bit systems which have the fixes of CVE-2021-29477 (6.2.3 or 6.0.13), it is sufficient to make sure that the proto-max-bulk-len config parameter is smaller than 2GB (default is 512MB)."}, {"lang": "es", "value": "Redis es un almac\u00e9n de estructuras de datos en memoria de c\u00f3digo abierto (con licencia BSD), utilizado como base de datos, cach\u00e9 y corredor de mensajes. Un error de desbordamiento de enteros en la versi\u00f3n 6.0 o m\u00e1s reciente de Redis, podr\u00eda ser explotado usando el comando STRALGO LCS para corromper la pila y potencialmente resultar en la ejecuci\u00f3n remota de c\u00f3digo. Esto es el resultado de una correcci\u00f3n incompleta de CVE-2021-29477. El problema se ha corregido en las versiones 6.2.4 y 6.0.14. Una soluci\u00f3n adicional para mitigar el problema sin parchear el ejecutable de redis-server es utilizar la configuraci\u00f3n ACL para evitar que los clientes utilicen el comando STRALGO LCS. En los sistemas de 64 bits que tienen las correcciones de CVE-2021-29477 (6.2.3 o 6.0.13), basta con asegurarse de que el par\u00e1metro de configuraci\u00f3n proto-max-bulk-len es menor que 2GB (el valor predeterminado es 512MB)"}], "id": "CVE-2021-32625", "lastModified": "2023-11-07T03:35:19.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-06-02T20:15:07.187", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/redis/redis/releases/tag/6.0.14"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/redis/redis/releases/tag/6.2.4"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/redis/redis/security/advisories/GHSA-46cp-x4x9-6pfq"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHWOF7CBVUGDK3AN6H3BN3VNTH2TDUZZ/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SN7INTZFE34MIQJO7WDDTIY5LIBGN6GI/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-680"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"bugzilla": {"description": "redis: Heap corruption via `STRALGO LCS` command (Incomplete fix for CVE-2021-29477)", "id": "1980790", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980790"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-190->(CWE-125|CWE-787)", "details": ["Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer, could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The problem is fixed in version 6.2.4 and 6.0.14. An additional workaround to mitigate the problem without patching the redis-server executable is to use ACL configuration to prevent clients from using the STRALGO LCS command. On 64 bit systems which have the fixes of CVE-2021-29477 (6.2.3 or 6.0.13), it is sufficient to make sure that the proto-max-bulk-len config parameter is smaller than 2GB (default is 512MB).", "A flaw was found in Redis. An integer overflow could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "mitigation": {"lang": "en:us", "value": "The flaw can be mitigated by disallowing usage of the STRALGO LCS command via ACL configuration. Please see https://redis.io/topics/acl for more information on how to do this. On 64 bit systems which have the fixes of CVE-2021-29477 (6.2.3 or 6.0.13), it is sufficient to make sure that the proto-max-bulk-len config parameter is smaller than 2GB (default is 512MB)."}, "name": "CVE-2021-32625", "package_state": [{"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "redisgraph-tls", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform", "fix_state": "Not affected", "package_name": "redis", "product_name": "Red Hat Ansible Automation Platform 1.2"}, {"cpe": "cpe:/a:redhat:ansible_tower:3", "fix_state": "Not affected", "package_name": "redis", "product_name": "Red Hat Ansible Tower 3"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "redis:5/redis", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "redis:6/redis", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "redis", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Not affected", "impact": "moderate", "package_name": "redis", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "impact": "moderate", "package_name": "redis", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}], "public_date": "2021-06-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-32625\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-32625\nhttps://github.com/redis/redis/security/advisories/GHSA-46cp-x4x9-6pfq"], "statement": "This issue only affects 32-bit Redis version 6.0 or newer. The Redis module streams shipped with Red Hat Enterprise Linux 8 are not affected by this flaw:\n* `redis:5` does not include a vulnerable version of Redis.\n* `redis:6` does not provide support for 32-bit Redis.", "threat_severity": "Important", "upstream_fix": "redis 6.2.4, redis 6.0.14"}