CVE-2022-35977
Published 2023-01-20
Priority: P3 · 41 · medium · 5.5 (CVSS 3.1)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 33.27% (98.2th percentile)
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting in Redis attempting to allocate impossible amounts of memory and aborting with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Affected (18 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | redis | < redis 5:7.0.8-1 (bookworm) | redis 5:7.0.8-1 (bookworm) |
| msrc | cbl2_redis_6.2.9-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_redis_6.2.7-3_on_cbl_mariner_1.0 | — | — |
| redis | redis | < 6.0.17 | 6.0.17 |
| redis | redis | — | — |
| redis | redis | — | — |
| redis | redis | >= 0 < 5:6.0.16-1+deb11u4 | 5:6.0.16-1+deb11u4 |
| redis | redis | >= 0 < 5:7.0.8-1 | 5:7.0.8-1 |
| redis | redis | >= 0 < 5:7.0.8-1 | 5:7.0.8-1 |
| redis | redis | >= 0 < 5:7.0.8-1 | 5:7.0.8-1 |
| redis | redis | >= 0 < 2:2.8.4-2ubuntu0.2+esm3 | 2:2.8.4-2ubuntu0.2+esm3 |
| redis | redis | >= 0 < 2:3.0.6-1ubuntu0.4+esm2 | 2:3.0.6-1ubuntu0.4+esm2 |
| redis | redis | >= 0 < 5:4.0.9-1ubuntu0.2+esm4 | 5:4.0.9-1ubuntu0.2+esm4 |
| redis | redis | >= 0 < 5:5.0.7-2ubuntu0.1+esm2 | 5:5.0.7-2ubuntu0.1+esm2 |
| redis | redis | >= 0 < 5:6.0.16-1ubuntu1+esm1 | 5:6.0.16-1ubuntu1+esm1 |
| redis | redis | >= 6.0.0 < 6.0.17 | 6.0.17 |
| redis | redis | >= 6.2.0 < 6.2.9 | 6.2.9 |
| redis | redis | >= 7.0.0 < 7.0.8 | 7.0.8 |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| osv | 8.8 | HIGH | — |
| vendor_ubuntu | 7.0 | HIGH | — |
| vendor_debian | 5.5 | MEDIUM | — |
| vendor_msrc | 5.5 | MEDIUM | — |
| vendor_redhat | 5.5 | MEDIUM | — |
Ubuntu
Redis vulnerabilities
vendor_ubuntu·2023-12-05·CVSS 7.0
CVE-2023-25155 [HIGH] Redis vulnerabilities
Title: Redis vulnerabilities
Summary: Several security issues were fixed in Redis.
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. (CVE-2022-24834)
SeungHyun Lee discovered that Redis incorrectly handled specially crafted commands. An attacker could possibly use this issue to trigger an integer overflow, which might cause Redis to allocate impossible amounts of memory, resulting in a denial of service via an application crash. (CVE-2022-35977)
Tom Levy discovered that Redis incorrectly handled crafted string matching patterns. An attacker could possibly use this issue to cause Redis to hang, resulting in a denial of service. (CV
Red Hat
redis: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands may result with false OOM panic
vendor_redhat·2023-01-17·CVSS 5.5
CVE-2022-35977 [MEDIUM] CWE-190 redis: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands may result with false OOM panic
A flaw was found in Redis, an in-memory database that persists on disk. This flaw allows authenticated users to issue specially crafted `SETRANGE` and `SORT(_RO)` commands to trigger an integer overflow, resulting in Redis attempting to allocate impossible a
Microsoft
Integer overflow in certain command arguments can drive Redis to OOM panic
vendor_msrc·2023-01-10·CVSS 5.5
CVE-2022-35977 [MEDIUM] CWE-190 Integer overflow in certain command arguments can drive Redis to OOM panic
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Debian
CVE-2022-35977: redis - Redis is an in-memory database that persists on disk. Authenticated users issuin...
vendor_debian·2022·CVSS 5.5
CVE-2022-35977 [MEDIUM] CVE-2022-35977: redis - Redis is an in-memory database that persists on disk. Authenticated users issuin...
Scope: local
bookworm: resolved (fixed in 5:7.0.8-1)
bullseye: resolved (fixed in 5:6.0.16-1+deb11u4)
forky: resolved (fixed in 5:7.0.8-1)
sid: resolved (fixed in 5:7.0.8-1)
trixie: resolved (fixed in 5:7.0.8-1)
OSV
redis vulnerabilities
osv·2023-12-05·CVSS 8.8
CVE-2022-24834 [HIGH] redis vulnerabilities
Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. (CVE-2022-24834)
SeungHyun Lee discovered that Redis incorrectly handled specially crafted commands. An attacker could possibly use this issue to trigger an integer overflow, which might cause Redis to allocate impossible amounts of memory, resulting in a denial of service via an application crash. (CVE-2022-35977)
Tom Levy discovered that Redis incorrectly handled crafted string matching patterns. An attacker could possibly use this issue to cause Redis to hang, resulting in a denial of service. (CVE-2022-36021)
Yupeng Yang discovered that Redis incorrectly h
OSV
CVE-2022-35977: Redis is an in-memory database that persists on disk
osv·2023-01-20·CVSS 5.5
CVE-2022-35977 [MEDIUM] CVE-2022-35977: Redis is an in-memory database that persists on disk
No detection rules found.
No public exploits indexed.
References
https://github.com/redis/redis/commit/1ec82e6e97e1db06a72ca505f9fbf6b981f31ef7
https://github.com/redis/redis/releases/tag/6.0.17
https://github.com/redis/redis/releases/tag/6.2.9
https://github.com/redis/redis/releases/tag/7.0.8
https://github.com/redis/redis/security/advisories/GHSA-mrcw-fhw9-fj8j
https://lists.debian.org/debian-lts-announce/2024/11/msg00031.html