CVE-2020-14147

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-14147
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-14147.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-14147
Downstream
Related
Published
2020-06-15T18:15:14.990Z
Modified
2026-04-09T06:51:32.050158Z
Severity
  • 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.

References

Affected packages

Git / github.com/antirez/redis

Affected ranges

Type
GIT
Repo
https://github.com/antirez/redis
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
ef764dde1cca2f25d00686673d1bc89448819571
Type
GIT
Repo
https://github.com/redis/redis
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
ce878b6ed5df1a7b3e87a8af2d1262de4c5bb828
Introduced
17dfd7cabbf7954f92b7a1243d4bb27fee5d4500
Fixed
7803b1148dafe65e2c7927eac7ce9e9ef729efc1
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.0.9"
        },
        {
            "introduced": "6.0.0"
        },
        {
            "fixed": "6.0.3"
        }
    ]
}

Affected versions

1.*
1.3.6
2.*
2.2-alpha0
2.2-alpha1
2.2-alpha2
2.2-alpha3
2.2-alpha4
2.2-alpha5
2.2-alpha6
2.2.0-rc1
2.3-alpha0
5.*
5.0-rc1
5.0-rc2
5.0-rc3
5.0-rc4
5.0-rc5
5.0-rc6
5.0.0
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.0.6
5.0.7
5.0.8
6.*
6.0.0
6.0.1
6.0.2
v1.*
v1.3.10
v1.3.11
v1.3.7
v1.3.8
v1.3.9
v2.*
v2.0.0-rc1
v2.1.1-watch
Other
vm-playpen

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "4.3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "12.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "10.0"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-14147.json"