CVE-2021-32687 — Integer Overflow or Wraparound in Redis

CWE-190 — Integer Overflow or Wraparound CWE-680 — Integer Overflow to Buffer Overflow7 documents7 sources

Severity

7.5HIGHNVD

EPSS

0.7%

top 28.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redis Debian Linux Fedoraproject Fedora +1 more

Timeline

PublishedOct 4

Latest updateAug 3

Description

Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration parameter to a very large value and constructing specially crafted commands to manipulate sets. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.1…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5redis/redis< 5.0.14+2

▶NVDredis/redis5.0.0 — 5.0.14+2

▶Debianredis/redis< 5:6.0.16-1+deb11u1+3

▶NVDoracle/communications_operations_monitor4.3, 4.4, 5.0+2

Also affects: Debian Linux 10.0, 11.0, Fedora 33, 34, 35

Patches

Patch: github.com ↗Patch: www.oracle.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

Integer overflow issue with intsets in Redis↗2021-10-04

▶

OSV

CVE-2021-32687: Redis is an open source, in-memory database that persists on disk↗2021-10-04

▶

📋Vendor Advisories

Ubuntu

Redis vulnerabilities↗2022-08-03

▶

Microsoft

Integer overflow issue with intsets in Redis↗2021-10-12

▶

Red Hat

redis: Integer overflow issue with intsets↗2021-10-04

▶

Debian

CVE-2021-32687: redis - Redis is an open source, in-memory database that persists on disk. An integer ov...↗2021

▶