redis:6 security, bug fix, and enhancement update
Errata ID: AXSA:2022-4434:01
Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.
The following packages have been upgraded to a later upstream version: redis (6.2.7).
Security Fix(es):
* redis: Code injection via Lua script execution environment (CVE-2022-24735)
* redis: Malformed Lua script can crash Redis (CVE-2022-24736)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-24735
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same or a different script at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged user to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to the `SCRIPT LOAD` and `EVAL` commands using ACL rules.
CVE-2022-24736
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause a NULL pointer dereference that crashes the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to the `SCRIPT LOAD` and `EVAL` commands using ACL rules.
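Both workarounds above rely on ACL rules actually denying `EVAL` and `SCRIPT LOAD`, which is easy to get wrong because later rules override earlier ones. The audit below is an added example, not code from this advisory or from the Redis project: it replays the command rules that `ACL LIST` prints for each user and reports any enabled user who can still reach `EVAL`, `EVALSHA`, `SCRIPT` or `SCRIPT LOAD`. The sample `ACL LIST` output is constructed, and the category membership it assumes (those commands belong to both `@scripting` and `@slow` in Redis 6.2) is taken from the Redis 6.2 command table, so `-@scripting` followed by `+@slow` or `+@all` silently re-grants scripting.

```python
"""Audit Redis 6.x ACL LIST output for users who can still reach Lua scripting."""
# Commands the workaround says to block. In Redis 6.2 all three sit in the @scripting
# category and, because none carries the "fast" flag, also in @slow (assumption, see lead-in).
SCRIPT_COMMANDS = {"eval", "evalsha", "script"}
CATEGORIES = {"all": SCRIPT_COMMANDS, "scripting": SCRIPT_COMMANDS, "slow": SCRIPT_COMMANDS}
RISKY = SCRIPT_COMMANDS | {"script|load"}  # reported: whole commands, or SCRIPT LOAD as a subcommand

def allowed_script_commands(rules):
    """Replay a user's command rules in order (a later rule overrides an earlier one,
    which is why '-@scripting +@slow' re-grants EVAL) and return what remains allowed."""
    allowed = set()
    for rule in rules:
        if rule[0] not in "+-":  # on/off, nopass, #<hash>, ~keys, &channels are not command rules
            continue
        sign, name = rule[0], rule[1:].lower()
        if name.startswith("@"):
            targets = CATEGORIES.get(name[1:], set())
        else:  # plain command or "command|subcommand"
            base = name.split("|", 1)[0]
            targets = {name} if base in SCRIPT_COMMANDS else set()
        if sign == "+":
            allowed |= targets
        else:  # removing a command also drops any of its subcommand grants
            bases = {t.split("|", 1)[0] for t in targets}
            allowed = {a for a in allowed if a.split("|", 1)[0] not in bases}
    return allowed

def audit_acl_list(lines):
    """Parse ACL LIST lines ('user <name> on|off ... rules') and return
    {user: sorted risky scripting commands} for every enabled user that has any."""
    findings = {}
    for line in lines:
        parts = line.split()
        if len(parts) < 3 or parts[0] != "user" or parts[2] == "off":
            continue
        exposed = allowed_script_commands(parts[3:]) & RISKY
        if exposed:
            findings[parts[1]] = sorted(exposed)
    return findings

# Constructed sample, not captured from a real server; "#<sha256>" stands in for the
# password hash that ACL LIST prints.
SAMPLE_ACL_LIST = [
    "user default on nopass ~* &* +@all",
    "user app on #<sha256> ~app:* &* -@all +@read +@write +@hash -@scripting",
    "user report on #<sha256> ~* &* -@all -@scripting +@slow",
    "user ci on #<sha256> ~* &* -@all +@read +script|load",
    "user legacy off #<sha256> ~* &* +@all",
]
```

Feed `audit_acl_list` the lines returned by `redis-cli ACL LIST`; on the sample it flags `default`, `report` and `ci` but not `app` or the disabled `legacy` user.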
Modularity name: redis
Stream name: 6
Update packages.
N/A
SRPMS
- redis-6.2.7-1.module+el8+1554+0cc26872.src.rpm
MD5: 16afca4db5d095e94023600cb4a0260f
SHA-256: 82d6579594fc17e502d3e5cae378be8cc0c6dedfd3671eabba40eecfc95e8441
Size: 2.97 MB
Asianux Server 8 for x86_64
- redis-6.2.7-1.module+el8+1554+0cc26872.x86_64.rpm
MD5: e62809b266e10415076305b9a51ef407
SHA-256: 49072159e0400f152310d6b21408be9a74a55d34abcdf5693df86d2672514104
Size: 1.17 MB
- redis-debugsource-6.2.7-1.module+el8+1554+0cc26872.x86_64.rpm
MD5: e6d349be680b96e5617fed7944e760ec
SHA-256: a2515a4db8b6a384a5479fe131cf2e9bff61ec6433a776296f54dffd9e51588a
Size: 1.34 MB
- redis-devel-6.2.7-1.module+el8+1554+0cc26872.x86_64.rpm
MD5: 8ef96dd742179adee654a6782f03d160
SHA-256: bfa3899d5d5bcf7df46b14b994fab4e16d8d114a026bbc203ff5fa10ade17838
Size: 29.93 kB
- redis-doc-6.2.7-1.module+el8+1554+0cc26872.noarch.rpm
MD5: 93342ae8b5a5dd40eba8d07df49d27e2
SHA-256: 21b0bd75646941b3b5cc8bf1c57426588a457f88c53439c7b84d55ea26d0d7e4
Size: 490.45 kB