CVE-2021-32628

CWE-190 — Integer Overflow CWE-680 CWE-787 — Out-of-bounds Write7 documents7 sources

Severity

7.5HIGH

EPSS

0.4%

top 37.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redis Redis Debian Debian Linux Fedoraproject Fedora +1 more

Timeline

PublishedOct 4

Latest updateAug 3

Description

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves modifying the default ziplist configuration parameters (hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries or zset-max-ziplist-value) to a very large value, and then constructing specially crafted commands to c…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5redis/redis< 5.0.14+2

▶NVDredis/redis5.0.0 — 5.0.14+2

▶Debianredis< 5:6.0.16-1+deb11u1+3

▶NVDoracle/communications_operations_monitor4.3, 4.4, 5.0+2

Also affects: Debian Linux 10.0, 11.0, Fedora 33, 34, 35

Patches

Patch: github.com ↗Patch: www.oracle.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

CVE-2021-32628: Redis is an open source, in-memory database that persists on disk↗2021-10-04

▶

CVEList

Vulnerability in handling large ziplists↗2021-10-04

▶

📋Vendor Advisories

Ubuntu

Redis vulnerabilities↗2022-08-03

▶

Microsoft

Vulnerability in handling large ziplists↗2021-10-12

▶

Red Hat

redis: Integer overflow bug in the ziplist data structure↗2021-10-04

▶

Debian

CVE-2021-32628: redis - Redis is an open source, in-memory database that persists on disk. An integer ov...↗2021

▶