Bug 2376857 (CVE-2025-48367) - CVE-2025-48367 redis: Redis Unauthenticated Denial of Service
Summary: CVE-2025-48367 redis: Redis Unauthenticated Denial of Service
Keywords:
Status: NEW
Alias: CVE-2025-48367
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2380115 2380116
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-07-07 16:01 UTC by OSIDB Bzimport
Modified: 2025-11-11 12:04 UTC (History)
67 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2025:20760 0 None None None 2025-11-11 12:04:24 UTC
Red Hat Product Errata RHSA-2025:11401 0 None None None 2025-07-21 01:21:57 UTC
Red Hat Product Errata RHSA-2025:11453 0 None None None 2025-07-21 12:32:24 UTC
Red Hat Product Errata RHSA-2025:12006 0 None None None 2025-07-28 19:37:13 UTC
Red Hat Product Errata RHSA-2025:12008 0 None None None 2025-07-28 19:54:18 UTC
Red Hat Product Errata RHSA-2025:12468 0 None None None 2025-07-31 18:04:26 UTC
Red Hat Product Errata RHSA-2025:12478 0 None None None 2025-08-01 05:52:34 UTC
Red Hat Product Errata RHSA-2025:12524 0 None None None 2025-08-04 01:58:52 UTC
Red Hat Product Errata RHSA-2025:12768 0 None None None 2025-08-04 18:06:07 UTC
Red Hat Product Errata RHSA-2025:12769 0 None None None 2025-08-04 18:06:44 UTC
Red Hat Product Errata RHSA-2025:12789 0 None None None 2025-08-04 18:45:30 UTC
Red Hat Product Errata RHSA-2025:12892 0 None None None 2025-08-05 06:31:00 UTC

Description OSIDB Bzimport 2025-07-07 16:01:40 UTC 
Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.
Comment 2 errata-xmlrpc 2025-07-21 01:21:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:11401 https://access.redhat.com/errata/RHSA-2025:11401
Comment 3 errata-xmlrpc 2025-07-21 12:32:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:11453 https://access.redhat.com/errata/RHSA-2025:11453
Comment 4 errata-xmlrpc 2025-07-28 19:37:08 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:12006 https://access.redhat.com/errata/RHSA-2025:12006
Comment 5 errata-xmlrpc 2025-07-28 19:54:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:12008 https://access.redhat.com/errata/RHSA-2025:12008
Comment 6 errata-xmlrpc 2025-07-31 18:04:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:12468 https://access.redhat.com/errata/RHSA-2025:12468
Comment 7 errata-xmlrpc 2025-08-01 05:52:29 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2025:12478 https://access.redhat.com/errata/RHSA-2025:12478
Comment 8 errata-xmlrpc 2025-08-04 01:58:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:12524 https://access.redhat.com/errata/RHSA-2025:12524
Comment 9 errata-xmlrpc 2025-08-04 18:06:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2025:12768 https://access.redhat.com/errata/RHSA-2025:12768
Comment 10 errata-xmlrpc 2025-08-04 18:06:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:12769 https://access.redhat.com/errata/RHSA-2025:12769
Comment 11 errata-xmlrpc 2025-08-04 18:45:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2025:12789 https://access.redhat.com/errata/RHSA-2025:12789
Comment 12 errata-xmlrpc 2025-08-05 06:30:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:12892 https://access.redhat.com/errata/RHSA-2025:12892
Note You need to log in before you can comment on or make changes to this bug.