CVE-2025-46817

Source
https://cve.org/CVERecord?id=CVE-2025-46817
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-46817.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-46817
Aliases
Downstream
Related
Published
2025-10-03T17:52:48.478Z
Modified
2026-06-18T13:17:16.465760Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Lua library commands may lead to integer overflow and potential RCE
Details

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2.

Database specific
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-190"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/46xxx/CVE-2025-46817.json"
}
References

Affected packages

Git / github.com/redis/redis

Affected ranges

Type
GIT
Repo
https://github.com/redis/redis
Events
Database specific
{
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.2.20"
        },
        {
            "introduced": "7.0"
        },
        {
            "fixed": "7.2.11"
        },
        {
            "introduced": "7.4.0"
        },
        {
            "fixed": "7.4.6"
        },
        {
            "introduced": "8.0.0"
        },
        {
            "fixed": "8.0.4"
        },
        {
            "introduced": "8.2.0"
        },
        {
            "fixed": "8.2.2"
        }
    ],
    "cpe": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*"
}

Affected versions

1.*
1.3.6
2.*
2.2-alpha0
2.2-alpha1
2.2-alpha2
2.2-alpha3
2.2-alpha4
2.2-alpha5
2.2-alpha6
2.2.0-rc1
2.3-alpha0
6.*
6.2-rc1
6.2-rc2
6.2-rc3
6.2.0
6.2.1
6.2.10
6.2.11
6.2.12
6.2.13
6.2.14
6.2.15
6.2.16
6.2.17
6.2.18
6.2.19
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.2.9
7.*
7.2-rc1
7.2-rc2
7.2-rc3
7.2.0
7.2.1
7.2.10
7.2.2
7.2.3
7.2.4
7.2.5
7.2.6
7.2.7
7.2.8
7.2.9
7.4.0
7.4.1
7.4.2
7.4.3
7.4.4
7.4.5
8.*
8.0.0
8.0.1
8.0.1-int
8.0.2
8.0.3
8.2.0
8.2.1
8.2.1-int
8.2.2-int
v1.*
v1.3.10
v1.3.11
v1.3.7
v1.3.8
v1.3.9
v2.*
v2.0.0-rc1
v2.1.1-watch
Other
vm-playpen

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-46817.json"
vanir_signatures_modified
"2026-06-18T13:17:16Z"
vanir_signatures
[
    {
        "source": "https://github.com/redis/redis/commit/9829bdbfd9e7eeb8fb6c79ce36bcc77a681824b1",
        "target": {
            "function": "defragStream",
            "file": "src/defrag.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-1bff8e25",
        "digest": {
            "function_hash": "231823367469822555940742382288933873230",
            "length": 564.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca",
        "target": {
            "file": "deps/lua/src/ltable.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-2443885b",
        "digest": {
            "line_hashes": [
                "125670280683194879539921835938120858029",
                "79963122918448863169488879789633999900",
                "178514249587135916334768771082338180637",
                "167536582049891518806390257069890511495"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/9829bdbfd9e7eeb8fb6c79ce36bcc77a681824b1",
        "target": {
            "function": "defragStreamConsumerGroup",
            "file": "src/defrag.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-2f43472c",
        "digest": {
            "function_hash": "288446850232562980440863683026214219231",
            "length": 274.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/9829bdbfd9e7eeb8fb6c79ce36bcc77a681824b1",
        "target": {
            "function": "defragStreamConsumerPendingEntry",
            "file": "src/defrag.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-77eb7a7a",
        "digest": {
            "function_hash": "269273620982420028349368441170132491277",
            "length": 316.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca",
        "target": {
            "function": "luaB_unpack",
            "file": "deps/lua/src/lbaselib.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-835c4ab1",
        "digest": {
            "function_hash": "198452583128654122547339479691788179436",
            "length": 465.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/9829bdbfd9e7eeb8fb6c79ce36bcc77a681824b1",
        "target": {
            "function": "ebDefragRaxBucket",
            "file": "src/ebuckets.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-90636aee",
        "digest": {
            "function_hash": "278644848284550820802314798222846137842",
            "length": 1028.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca",
        "target": {
            "function": "luaH_getnum",
            "file": "deps/lua/src/ltable.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-9095d23c",
        "digest": {
            "function_hash": "114821343489539077307346950160007344414",
            "length": 463.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/9829bdbfd9e7eeb8fb6c79ce36bcc77a681824b1",
        "target": {
            "file": "src/defrag.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-9771037c",
        "digest": {
            "line_hashes": [
                "138051693839747285096021458702403893111",
                "217792725282971082265874066493719589089",
                "314104092114484613540366304337620153799",
                "289838893004834880788220210160086127357",
                "261640981466269970594854736063516974006",
                "310366546339259136490471016273997718966",
                "32133616761046458240624936400794999717",
                "99379125398230922191097416962833631765",
                "141940563608976522218604452044168104567",
                "11220539234012554404348468137403013259",
                "232481408480410736814504528475544114533",
                "51866787026042368566811775065054533143",
                "63433160957720909299274972010261027892",
                "294256383012553041837446580576855146212",
                "89382824653771948252974872163098475979",
                "125843216691037721002607267089725657746",
                "134688872856233222990888740724026394481",
                "48326925826003410695033980425698456909",
                "67996540693667022215470987524713099413",
                "136018837045987266595679134463638862968",
                "333375019022085398980596780008619891568",
                "29915176327139359699601310212482016515",
                "78998988978891701179665002117073134153",
                "17549832641806627852119609812055732197",
                "42446296350911664275182979645220907226",
                "138975645959192329129097852787418759626",
                "149158348708285902087935202222825724476",
                "142605691491218526884160292427755441470",
                "11688604414306184430853572012154672997",
                "148558868641076683043063174755617384651",
                "21028590655927164121484625827791262156",
                "46089719024847428095945812658394875858",
                "132152125759967892984304802846013499407",
                "252710555466710673955941017321669831749",
                "239262572873833474405578058531672783359",
                "66720547795711375935066349761282397334",
                "228824034014002333793286778567671435553",
                "140423370034328928159919286536412352374",
                "34259259009794645587500028432093165186",
                "32714089352387174407290605263289841726",
                "142160850842147572350805881228483295868",
                "232067484793209163755223773554912439711",
                "294077731618297973044671231562754097105",
                "216744741664175839129273154417262477100",
                "995446791351321522154638928135859875",
                "191256389506455193250670539930255527581",
                "302732920957766076804960979292947649450",
                "26025635131505467470119512320366390742"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/9829bdbfd9e7eeb8fb6c79ce36bcc77a681824b1",
        "target": {
            "file": "src/ebuckets.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-b3bba80f",
        "digest": {
            "line_hashes": [
                "244502848865928883332908724730119052311",
                "141797934241402737746765354854429761657",
                "121189225860232617002299124820059699861",
                "325221416935840389820722274695630580016",
                "303490719280172131208887830823944185073",
                "43864785869962988976065089075595503762",
                "53490938445701540411614375924248395921",
                "23408075982072842741195268914820996812",
                "320872889493649556307334100222506094780",
                "244730142365431892013328866901959544225",
                "170283847187515741955371454705299138105",
                "235864933409515329941478345542925607458"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/fc9abc775e308374f667fdf3e723ef4b7eb0e3ca",
        "target": {
            "file": "deps/lua/src/lbaselib.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-bc7d22a5",
        "digest": {
            "line_hashes": [
                "215183603034438790074787436400451326507",
                "271254306717558512938290651667297911789",
                "309902335175555326166799105380489864046",
                "278280089201699928306779544643363540028",
                "336878426482468871976108546882672249784",
                "74907258639459001040493862410090902739",
                "251369238004598570509070825067461752837",
                "264188405051546521903392069016245411918",
                "164349750841827671432993903885626756569",
                "161144831204048545051086606829724637083"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/9829bdbfd9e7eeb8fb6c79ce36bcc77a681824b1",
        "target": {
            "function": "activeDefragAlloc",
            "file": "src/defrag.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-c715e681",
        "digest": {
            "function_hash": "43521981978878587750908260601344872279",
            "length": 307.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    },
    {
        "source": "https://github.com/redis/redis/commit/9829bdbfd9e7eeb8fb6c79ce36bcc77a681824b1",
        "target": {
            "function": "activeDefragHExpiresOB",
            "file": "src/defrag.c"
        },
        "deprecated": false,
        "id": "CVE-2025-46817-f6afd884",
        "digest": {
            "function_hash": "307600606145985118090248030247413925373",
            "length": 654.0
        },
        "signature_type": "Function",
        "signature_version": "v1"
    }
]