CVE-2021-41099 — Integer Overflow or Wraparound in Redis

CWE-190 — Integer Overflow or Wraparound CWE-680 — Integer Overflow to Buffer Overflow7 documents7 sources

Severity

7.5HIGHNVD

EPSS

0.3%

top 46.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redis Debian Linux Fedoraproject Fedora +1 more

Timeline

PublishedOct 4

Latest updateAug 3

Description

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len configuration parameter to a very large value and constructing specially crafted network payloads or commands. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14. An additional workaround to m…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5redis/redis< 5.0.14+2

▶NVDredis/redis5.0.0 — 5.0.14+2

▶Debianredis/redis< 5:6.0.16-1+deb11u1+3

▶NVDoracle/communications_operations_monitor4.3, 4.4, 5.0+2

Also affects: Debian Linux 10.0, 11.0, Fedora 33, 34, 35

Patches

Patch: github.com ↗Patch: www.oracle.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

Integer overflow issue with strings in Redis↗2021-10-04

▶

OSV

CVE-2021-41099: Redis is an open source, in-memory database that persists on disk↗2021-10-04

▶

📋Vendor Advisories

Ubuntu

Redis vulnerabilities↗2022-08-03

▶

Microsoft

Integer overflow issue with strings in Redis↗2021-10-12

▶

Red Hat

redis: Integer overflow issue with strings↗2021-10-04

▶

Debian

CVE-2021-41099: redis - Redis is an open source, in-memory database that persists on disk. An integer ov...↗2021

▶