redis:6 security, bug fix, and enhancement update
Errata ID: AXSA:2022-4434:01
Release date:
2022/12/15 Thursday - 03:24
Title:
redis:6 security, bug fix, and enhancement update
Affected channels:
Asianux Server 8 for x86_64
Severity:
Low
Description:
The following issues have been addressed.
[Security Fix]
- Redis has a flaw in its Lua script execution environment
that allows a low-privileged attacker with access to Redis
to inject Lua code which is later executed with the
privileges of another, higher-privileged user when that
user runs a Lua script.
(CVE-2022-24735)
- Redis has a NULL pointer dereference that allows an
attacker with access to Redis to crash the redis-server
process by loading a specially crafted Lua script.
(CVE-2022-24736)
Modularity name: redis
Stream name: 6
Solution:
Update the packages.
CVE:
CVE-2022-24735
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua script execution environment in Redis provides some measures that prevent a script from creating side effects that persist and can affect the execution of the same, or a different, script at a later time. Several weaknesses of these measures have been publicly known for a long time, but they had no security impact as the Redis security model did not endorse the concept of users or privileges. With the introduction of ACLs in Redis 6.0, these weaknesses can be exploited by a less privileged user to inject Lua code that will execute at a later time, when a privileged user executes a Lua script. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.
CVE-2022-24736
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause a NULL pointer dereference which will result in a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2.7. An additional workaround to mitigate this problem without patching the redis-server executable, if Lua scripting is not being used, is to block access to `SCRIPT LOAD` and `EVAL` commands using ACL rules.
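Both CVE texts above point at the same two controls: the running redis_version (6.2.7 or 7.0.0 carries the fix) and, where scripting is not needed, ACL rules that deny `EVAL` and `SCRIPT LOAD`. The script below is an added example written for this advisory; it is not code from the advisory or from the Redis project. It parses a `users.acl`-style file, reports enabled users who can still reach the scripting commands, applies the advisory's workaround by appending `-@scripting` to each user line, and checks a `redis_version` string against the fixed releases. The ACL evaluator is a deliberate simplification of Redis's rule engine (it tracks only the scripting commands and ignores passwords, key and channel patterns and 7.0 selectors); `SAMPLE_ACL` and `SAMPLE_INFO` are constructed inputs.

```python
"""Audit Redis ACLs and version for CVE-2022-24735 / CVE-2022-24736 exposure.

Added example; not code from the advisory or the Redis project. The ACL
evaluator is a simplification of Redis's real rule engine: it tracks only
the Lua scripting commands, understands +/-<cmd>, +/-<cmd>|<sub>,
+/-@<category>, allcommands/nocommands, reset and on/off, and ignores
passwords (>pw, #hash, nopass), key (~) and channel (&) patterns.
"""
import re

# Commands the advisory's workaround targets: EVAL, EVALSHA and SCRIPT LOAD
# (EVAL_RO/EVALSHA_RO exist only from 7.0 and are left out on purpose).
SCRIPTING_CMDS = frozenset({"eval", "evalsha", "script|load"})
# Categories that contain those commands (assumption: only these are modelled;
# any other category, e.g. @read, contributes nothing to the scripting set).
CATEGORIES = {"all": SCRIPTING_CMDS, "scripting": SCRIPTING_CMDS, "slow": SCRIPTING_CMDS}

USER_LINE = re.compile(r"^\s*user\s+(\S+)\s*(.*)$")


def _cmd_rule_matches(target):
    """Commands selected by a 'cmd' or 'cmd|sub' rule target (sign stripped)."""
    cmd, _, sub = target.partition("|")
    return {c for c in SCRIPTING_CMDS
            if c.split("|", 1)[0] == cmd and (not sub or c == target)}


def evaluate_rules(rules):
    """Apply ACL tokens left to right (later rules win); return (enabled, allowed)."""
    enabled, allowed = False, set()   # a fresh ACL user is 'off' with nocommands
    for tok in rules:
        low = tok.lower()
        if low in ("on", "off"):
            enabled = low == "on"
        elif low == "reset":
            enabled, allowed = False, set()
        elif low == "allcommands":
            allowed |= SCRIPTING_CMDS
        elif low == "nocommands":
            allowed.clear()
        elif low[0] in "+-" and len(low) > 1:
            target = low[1:]
            cmds = (CATEGORIES.get(target[1:], frozenset()) if target.startswith("@")
                    else _cmd_rule_matches(target))
            allowed = allowed | cmds if low[0] == "+" else allowed - cmds
        # '>pw', '#hash', 'nopass', '~key', '&chan', 'resetkeys' ... are ignored
    return enabled, allowed


def parse_acl_file(text):
    """Return {user: [tokens]} from users.acl-style text (one 'user ...' per line)."""
    users = {}
    for line in text.splitlines():
        m = USER_LINE.match(line)
        if m:
            users[m.group(1)] = m.group(2).split()
    return users


def users_with_scripting(acl_text):
    """Enabled users who can still reach EVAL, EVALSHA or SCRIPT LOAD."""
    exposed = {}
    for name, rules in parse_acl_file(acl_text).items():
        enabled, allowed = evaluate_rules(rules)
        if enabled and allowed:
            exposed[name] = sorted(allowed)
    return exposed


def harden_acl(acl_text):
    """Advisory workaround: append -@scripting to every user line (last rule wins)."""
    out = []
    for line in acl_text.splitlines():
        if USER_LINE.match(line):
            line = line.rstrip() + " -@scripting"
        out.append(line)
    return "\n".join(out) + "\n"


def version_from_info(info_text):
    """Pull redis_version out of 'INFO server' output (CRLF line endings)."""
    m = re.search(r"^redis_version:(\S+)", info_text, re.M)
    return m.group(1) if m else None


def is_fixed(version):
    """True when the upstream version is 6.2.7+ (which also covers 7.0.0+).

    Assumption: compares upstream version numbers only; a distro build that
    backports the fix without bumping the version is reported as affected.
    """
    parts = tuple(int(p) for p in re.findall(r"\d+", version.split("-")[0])[:3])
    parts += (0,) * (3 - len(parts))
    return parts >= (6, 2, 7)


# Constructed sample inputs; the #hash is an illustrative SHA-256 password hash.
SAMPLE_ACL = """\
user default on nopass ~* &* +@all
user app on #8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918 ~app:* +@all -@scripting
user reporting on >reports-pw ~report:* -@all +@read +eval
user batch off >batch-pw ~* +@all
user loader on >loader-pw ~* -@all +@read +script|load +evalsha
"""
SAMPLE_INFO = "# Server\r\nredis_version:6.2.6\r\nredis_mode:standalone\r\n"

if __name__ == "__main__":
    ver = version_from_info(SAMPLE_INFO)
    print(f"redis_version={ver} fixed={is_fixed(ver)}")
    print("exposed before:", users_with_scripting(SAMPLE_ACL))
    print("exposed after: ", users_with_scripting(harden_acl(SAMPLE_ACL)))
```

On the sample file the audit flags `default`, `reporting` and `loader` (the disabled `batch` user is skipped, and `app` is already denied by its trailing `-@scripting`); after `harden_acl` no user remains. Because Redis applies rules left to right, appending `-@scripting` at the end of a line overrides any earlier `+@all` or `+eval`, which is why the workaround belongs last. The version check is only a screen: the package in this errata is 6.2.7, so it passes, but any environment where a fix is backported under an older version string needs to be judged by its changelog rather than by this comparison.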
Additional information:
N/A
Downloads:
SRPMS
- redis-6.2.7-1.module+el8+1554+0cc26872.src.rpm
MD5: 16afca4db5d095e94023600cb4a0260f
SHA-256: 82d6579594fc17e502d3e5cae378be8cc0c6dedfd3671eabba40eecfc95e8441
Size: 2.97 MB
Asianux Server 8 for x86_64
- redis-6.2.7-1.module+el8+1554+0cc26872.x86_64.rpm
MD5: e62809b266e10415076305b9a51ef407
SHA-256: 49072159e0400f152310d6b21408be9a74a55d34abcdf5693df86d2672514104
Size: 1.17 MB
- redis-debugsource-6.2.7-1.module+el8+1554+0cc26872.x86_64.rpm
MD5: e6d349be680b96e5617fed7944e760ec
SHA-256: a2515a4db8b6a384a5479fe131cf2e9bff61ec6433a776296f54dffd9e51588a
Size: 1.34 MB
- redis-devel-6.2.7-1.module+el8+1554+0cc26872.x86_64.rpm
MD5: 8ef96dd742179adee654a6782f03d160
SHA-256: bfa3899d5d5bcf7df46b14b994fab4e16d8d114a026bbc203ff5fa10ade17838
Size: 29.93 kB
- redis-doc-6.2.7-1.module+el8+1554+0cc26872.noarch.rpm
MD5: 93342ae8b5a5dd40eba8d07df49d27e2
SHA-256: 21b0bd75646941b3b5cc8bf1c57426588a457f88c53439c7b84d55ea26d0d7e4
Size: 490.45 kB