CVE-2022-35977

Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted SETRANGE and SORT(_RO) commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort with an out-of-memory (OOM) panic. The problem is fixed in Redis versions 7.0.8, 6.2.9 and 6.0.17. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

Affected packages

Git / github.com/redis/redis

Affected ranges

Type: GIT
Repo: https://github.com/redis/redis
Events: Introduced

d375595d5e3ae2e5c29e6c00a2dc3d60578fd9fc

Fixed

1c75ab062d0cb1f3af57e39a399325b9e917e85f

Type: GIT
Repo: https://github.com/redis/redis
Events: Introduced

445aa844b946a8f1bc21ac8554b44adb1ecb4018

Fixed

137696d80811c25b918f7f543bcbe8c9c142f49d

Type: GIT
Repo: https://github.com/redis/redis
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6ed4dc5052488ba88d2b759d494b2d8083a46206

Affected versions

1.*

1.3.6

2.*

2.2-alpha0

2.2-alpha1

2.2-alpha2

2.2-alpha3

2.2-alpha4

2.2-alpha5

2.2-alpha6

2.2.0-rc1

2.3-alpha0

3.*

3.0-alpha0

6.*

6.0-rc1

6.0-rc2

6.0-rc3

6.0-rc4

6.0.0

6.0.1

6.0.10

6.0.11

6.0.12

6.0.13

6.0.14

6.0.15

6.0.16

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.0.9

6.2.0

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

7.*

7.0.0

7.0.1

7.0.2

7.0.3

7.0.4

7.0.5

7.0.6

7.0.7

v1.*

v1.3.10

v1.3.11

v1.3.12

v1.3.7

v1.3.8

v1.3.9

v2.*

v2.0.0-rc1

v2.1.1-watch

Other

vm-playpen

with-deprecated-diskstore