Bug 1980790 (CVE-2021-32625)
| Summary: | CVE-2021-32625 redis: Heap corruption via `STRALGO LCS` command (Incomplete fix for CVE-2021-29477) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | agerstmayr, apevec, bcoca, caswilli, chousekn, cmeyers, davidn, dbecker, fabian.deutsch, fedora, fpercoco, gblomqui, gghezzo, gparvin, jal233, jcammara, jhardy, jjoyce, jobarker, jramanat, jschluet, kaycoth, lhh, lpeer, mabashia, mburns, mgoodwin, nathans, notting, osapryki, rcollet, redis-maint, relrod, rpetrell, sclewis, sdoran, slinaber, smcdonal, stcannon, tkuratom, vmugicag |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | redis 6.2.4, redis 6.0.14 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in Redis. An integer overflow could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. This is a result of an incomplete fix by CVE-2021-29477. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-07-15 03:54:39 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1981285, 1981286, 1981287, 1981464 | ||
| Bug Blocks: | 1980792 | ||
|
Description
Pedro Sampaio
2021-07-09 14:30:56 UTC
Upstream PR: https://github.com/redis/redis/pull/9011 Upstream fix: https://github.com/redis/redis/commit/1ddecf1 [unstable] https://github.com/redis/redis/commit/e9a1438 [6.2] https://github.com/redis/redis/commit/dd27c4e [6.0] Analysis is complete for Ansible components and it was found that None of the ansible components do use the affected version of Redis i.e. 6.0 or newer. The current version of Redis in AAP 1.2 and AAP 2.0 is 5.0.5 and 5.0.3 respectively as shown below: AAP 1.2 [root@localhost vagrant]# rpm -qi rh-redis5-redis-5.0.5-1.el7.x86_64 Name : rh-redis5-redis Version : 5.0.5 Release : 1.el7 Architecture: x86_64 AAP 2.0 [root@ip-10-0-11-92 ec2-user]# rpm -qi redis-5.0.3-2.module+el8.0.0.z+3657+acb471dc.x86_64 Name : redis Version : 5.0.3 Release : 2.module+el8.0.0.z+3657+acb471dc Architecture: x86_64 Apart from the affected version, Redis is not directly embedded into any Ansible component.Its being consumed RHEL. Hence, marking Ansible as "Not Affected" by this bug/vulnerability. This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-32625 |