Bug 2223393 (CVE-2021-31294)

Summary: CVE-2021-31294 redis: an assertion failure in a primary server by sending a non-administrative command
Product: [Other] Security Response Reporter: Marian Rehak <mrehak>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: acrosby, adudiak, agarcial, aileenc, amasferr, aoconnor, asegurap, bbuckingham, bcourt, bdettelb, caswilli, chazlett, crarobin, dffrench, dfreiber, dhughes, eglynn, ehelms, epacific, fjansen, gmalinko, gparvin, gzaronik, hhorak, hkataria, janstey, jburrell, jcammara, jhardy, jjoyce, jmadigan, jmitchel, jneedle, jobarker, jorton, jsherril, jtanner, kaycoth, kshier, lhh, lzap, mabashia, mburns, mgarciac, mhulan, micjohns, mkleinhe, mkudlej, myarboro, nathans, ngough, njean, nmoumoul, nweather, oezr, orabin, owatkins, pahickey, pamccart, pcreech, pdelbell, pgrist, prgutier, rchan, rcollet, redis-maint, rgodfrey, rogbas, simaishi, smcdonal, stcannon, sthirugn, teagle, tfister, tjochec, vkrizan, vkumar, vmugicag, yguenane, zsadeh
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: redis 6.2.x, redis 7.x Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Redis package. If a replica sends a SET command to its master during a failover, the master crashes on assertion.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2223397, 2223399, 2223501, 2223502, 2223503, 2223504, 2223505, 2223536, 2223537    
Bug Blocks: 2223398    

Description Marian Rehak 2023-07-17 15:14:03 UTC 
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this.

Reference:

https://github.com/redis/redis/commit/46f4ebbe842620f0976a36741a72482620aa4b48
https://github.com/redis/redis/commit/6cbea7d29b5285692843bc1c351abba1a7ef326f
https://github.com/redis/redis/issues/8712
Comment 1 Marian Rehak 2023-07-17 15:19:00 UTC 
Created redis tracking bugs for this issue:

Affects: epel-all [bug 2223397]