CVE-2021-32762 — Integer Overflow or Wraparound in Redis

CWE-190 — Integer Overflow or Wraparound CWE-680 — Integer Overflow to Buffer Overflow6 documents6 sources

Severity

8.8HIGHNVD

CNA7.5

EPSS

0.7%

top 28.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redis Debian Linux Fedoraproject Fedora +1 more

Timeline

PublishedOct 4

Latest updateOct 12

Description

Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most m…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5redis/redis< 5.0.14+2

▶NVDredis/redis5.0.0 — 5.0.14+2

▶Debianredis/redis< 5:6.0.16-1+deb11u1+3

▶NVDoracle/communications_operations_monitor4.3, 4.4, 5.0+2

Also affects: Debian Linux 10.0, 11.0, Fedora 33, 34, 35

Patches

Patch: github.com ↗Patch: www.oracle.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

CVE-2021-32762: Redis is an open source, in-memory database that persists on disk↗2021-10-04

▶

CVEList

Integer overflow that can lead to heap overflow in redis-cli, redis-sentinel on some platforms↗2021-10-04

▶

📋Vendor Advisories

Microsoft

Integer overflow that can lead to heap overflow in redis-cli redis-sentinel on some platforms↗2021-10-12

▶

Red Hat

redis: Integer overflow in redis-cli, redis-sentinel on some platforms↗2021-10-04

▶

Debian

CVE-2021-32762: redis - Redis is an open source, in-memory database that persists on disk. The redis-cli...↗2021

▶