Back to bug 2010988
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2021-10-05 21:08:40 UTC | CC | caswilli | |
| Pedro Sampaio | 2021-10-05 21:08:48 UTC | CC | gghezzo, gparvin, jramanat, pahickey, stcannon | |
| Pedro Sampaio | 2021-10-05 21:08:54 UTC | CC | jwong | |
| Pedro Sampaio | 2021-10-05 21:09:05 UTC | CC | jwong | |
| Pedro Sampaio | 2021-10-05 21:09:11 UTC | CC | caswilli | |
| Pedro Sampaio | 2021-10-05 21:09:18 UTC | CC | gghezzo, gparvin, jramanat, pahickey, stcannon | |
| Pedro Sampaio | 2021-10-05 21:09:30 UTC | CC | bdettelb | |
| Pedro Sampaio | 2021-10-05 21:09:37 UTC | CC | amackenz, amasferr, chazlett, drieden, mkudlej, tjochec | |
| Pedro Sampaio | 2021-10-05 21:09:44 UTC | CC | hhorak, jorton | |
| Pedro Sampaio | 2021-10-05 21:10:15 UTC | Blocks | 2011061 | |
| Mauro Matteo Cascella | 2021-10-08 14:09:35 UTC | Depends On | 2011189 | |
| Flags | needinfo?(rcollet) | |||
| Mauro Matteo Cascella | 2021-10-08 14:59:24 UTC | Depends On | 2012207, 2012208 | |
| Mauro Matteo Cascella | 2021-10-10 20:38:50 UTC | Doc Text | An integer overflow issue leading to heap buffer overflow was found in the `hiredis` library. The "redis-cli" command line tool and "redis-sentinel" service may be vulnerable to this flaw when parsing specially crafted large multi-bulk network replies. A remote attacker could use this flaw to corrupt the heap and potentially trigger remote code execution. | |
| Remi Collet | 2021-10-11 05:16:03 UTC | Flags | needinfo?(rcollet) | |
| Tapas Jena | 2021-10-11 16:03:54 UTC | Depends On | 2012927 | |
| RaTasha Tillery-Smith | 2021-10-11 18:55:38 UTC | Doc Text | An integer overflow issue leading to heap buffer overflow was found in the `hiredis` library. The "redis-cli" command line tool and "redis-sentinel" service may be vulnerable to this flaw when parsing specially crafted large multi-bulk network replies. A remote attacker could use this flaw to corrupt the heap and potentially trigger remote code execution. | An integer overflow issue leading to heap buffer overflow was found in the `hiredis` library. The "redis-cli" command-line tool and "redis-sentinel" service may be vulnerable to this flaw when parsing specially crafted, large multi-bulk network replies. This flaw allows a remote attacker to corrupt the heap and potentially trigger remote code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
| Tapas Jena | 2021-10-20 09:15:51 UTC | Depends On | 2015849, 2015850 | |
| Red Hat Bugzilla | 2021-11-02 15:42:05 UTC | CC | notting | |
| Red Hat Bugzilla | 2021-12-15 11:50:55 UTC | CC | cmeyers | |
| Red Hat Bugzilla | 2021-12-20 17:33:33 UTC | CC | sdoran | |
| Red Hat Bugzilla | 2022-03-10 13:36:14 UTC | CC | mgoodwin | |
| Red Hat Bugzilla | 2022-04-23 04:25:48 UTC | CC | chousekn | |
| Red Hat Bugzilla | 2022-10-08 04:27:50 UTC | CC | gghezzo | |
| Red Hat Bugzilla | 2023-04-28 08:27:35 UTC | CC | fpercoco | |
| Red Hat Bugzilla | 2023-05-15 18:09:16 UTC | CC | drieden | |
| Red Hat Bugzilla | 2023-07-07 08:33:30 UTC | Assignee | security-response-team | nobody |
Back to bug 2010988