Bug 2137209 (CVE-2022-3647) - CVE-2022-3647 redis: crash in sigsegvHandler debug function
Summary: CVE-2022-3647 redis: crash in sigsegvHandler debug function
Status: NEW
Alias: CVE-2022-3647
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 2137210, 2143619 (Red Hat), 2137211, 2137212 (Engineering), 2137213 (Engineering), 2137340 (Red Hat), 2137341 (Red Hat)
Blocks: 2137112 (Embargoed)
Reported: 2022-10-24 07:45 UTC by Borja Tarraso
Modified: 2022-11-22 15:05 UTC (History)
Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in Redis when calling the sigsegvHandler function of the debug component crash report. This issue causes a crash, ignores the report information, and kills the processes, which leads to a denial of service.
Clone Of:
Last Closed:

Description Borja Tarraso 2022-10-24 07:45:45 UTC
A vulnerability, which was classified as problematic, was found in Redis. Affected is the function sigsegvHandler of the file debug.c of the component Crash Report. The manipulation leads to denial of service. The name of the patch is 0bf90d944313919eb8e63d3588bf63a367f020a3. It is recommended to apply a patch to fix this issue. VDB-211962 is the identifier assigned to this vulnerability.

Comment 1 Borja Tarraso 2022-10-24 07:46:18 UTC
Created redis tracking bugs for this issue:

Affects: epel-7 [bug 2137210]
Affects: fedora-all [bug 2137211]